2 matches found
CVE-2018-1000602
A session fixation vulnerability exists in Jenkins SAML Plugin 1.0.6 and earlier in SamlSecurityRealm.java that allows unauthorized attackers to impersonate another users if they can control the pre-authentication session...
CVE-2018-1000602
The CVE-2018-1000602 entry identifies a session-fixation issue in the Jenkins SAML Plugin (versions ≤ 1.0.6) affecting the SamlSecurityRealm.java flow, allowing an attacker who controls a pre-authentication session to impersonate other users. The vulnerability is specific to the SAML Plugin imple...