Lucene search

K
osvGoogleOSV:GHSA-682G-C99V-9R2G
HistoryMay 24, 2022 - 4:52 p.m.

Jenkins Gitlab Authentication Plugin vulnerable to Session Fixation

2022-05-2416:52:45
Google
osv.dev
4

0.002 Low

EPSS

Percentile

55.2%

A session fixation vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows unauthorized attackers to impersonate another user if they can control the pre-authentication session.

0.002 Low

EPSS

Percentile

55.2%

Related for OSV:GHSA-682G-C99V-9R2G