Cross-Site Request Forgery Vulnerability in Jenkins Assembla Auth Plugin
CVE-2023-37961
8.8HIGH
What is CVE-2023-37961?
A cross-site request forgery vulnerability has been identified in the Assembla Auth Plugin for Jenkins, affecting versions 1.14 and earlier. This issue enables attackers to potentially deceive users into executing unintended actions, which could lead to unauthorized login to the attacker's account. With this vulnerability, the integrity of user sessions is compromised, making it a significant security concern for Jenkins users relying on this plugin.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Jenkins Assembla Auth Plugin 0 <= 1.14
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved