Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2023-24457

Disclosure Date: January 26, 2023 (last updated February 24, 2025)
A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-24456

Disclosure Date: January 26, 2023 (last updated February 24, 2025)
Jenkins Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate the previous session on login.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0