CVE-2023-24458

2023-01-2621:18:19

Google

osv.dev

0.001 Low

EPSS

Percentile

27.0%

JSON

A cross-site request forgery (CSRF) vulnerability in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified URL.

CPENameOperatorVersion
bearychat-plugineqbearychat-2.1
bearychat-plugineqbearychat-3.0.1
bearychat-plugineqbearychat-1.1
bearychat-plugineqbearychat-1.3
bearychat-plugineqbearychat-3.0.2
bearychat-plugineqbearychat-1.2
bearychat-plugineqbearychat-1.0
bearychat-plugineqbearychat-2.0
bearychat-plugineqbearychat-1.4

Name	Operator	Version
bearychat-plugin	eq	bearychat-2.1
bearychat-plugin	eq	bearychat-3.0.1
bearychat-plugin	eq	bearychat-1.1
bearychat-plugin	eq	bearychat-1.3
bearychat-plugin	eq	bearychat-3.0.2
bearychat-plugin	eq	bearychat-1.2
bearychat-plugin	eq	bearychat-1.0
bearychat-plugin	eq	bearychat-2.0
bearychat-plugin	eq	bearychat-1.4

References

www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2745

0.001 Low

EPSS

Percentile

27.0%

JSON

Related for OSV:CVE-2023-24458