CVE-2023-24446

Cross-Site Request Forgery (CSRF) in maven/org.jenkins-ci.plugins/openid

Identifiers

GHSA-96jv-c7m6-q43g, CVE-2023-24446

Package Slug

maven/org.jenkins-ci.plugins/openid

Vulnerability

Cross-Site Request Forgery (CSRF)

Description

A cross-site request forgery (CSRF) vulnerability in Jenkins OpenID Plugin 2.4 and earlier allows attackers to trick users into logging in to the attacker's account.

Affected Versions

All versions up to 2.4

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-01-27

source