CVE-2023-32987

Cross-Site Request Forgery (CSRF) in maven/org.jenkins-ci.plugins/reverse-proxy-auth-plugin

Identifiers

CVE-2023-32987, GHSA-pmmr-r9v2-59p8

Package Slug

maven/org.jenkins-ci.plugins/reverse-proxy-auth-plugin

Vulnerability

Cross-Site Request Forgery (CSRF)

Description

A cross-site request forgery (CSRF) vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials.

Affected Versions

All versions before 1.7.5

Solution

Upgrade to version 1.7.5 or above.

Last Modified

2023-05-17

source