Protection Mechanism Failure
Jenkins SAML Plugin allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.
A session fixation vulnerability exists in the Jenkins SAML Plugin that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session.