Lucene search
HistoryJan 26, 2023 - 9:18 p.m.
CVE-2023-24458
cve-2023-24458
cross-site request forgery
jenkins bearychat plugin
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
27.6%
A cross-site request forgery (CSRF) vulnerability in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified URL.
Affected configurations
Node
jenkinsbearychatRange≤3.0.2jenkins
Related
osv
osv
Cross-site request forgery vulnerability in Jenkins BearyChat Plugin
2023-01-26 21:30:17
CVE-2023-24458
2023-01-26 21:18:19
github
github
Cross-site request forgery vulnerability in Jenkins BearyChat Plugin
2023-01-26 21:30:17
cve
cve
CVE-2023-24458
2023-01-26 21:18:19
alpinelinux
alpinelinux
CVE-2023-24458
2023-01-26 21:18:19
prion
prion
Cross site request forgery (csrf)
2023-01-26 21:18:00
cvelist
cvelist
CVE-2023-24458
2023-01-24 00:00:00
nessus
nessus
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
27.6%
Related for NVD:CVE-2023-24458