5 matches found
CVE-2023-32997
Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login...
CVE-2023-32997
Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login...
CVE-2023-32997
The CVE-2023-32997 entry concerns the Jenkins CAS Plugin (versions 1.6.2 and earlier) that does not invalidate the existing session on login, enabling a session fixation risk. Multiple connected sources corroborate this behavior and describe it as allowing an attacker to potentially gain administ...
CVE-2023-32997
Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login...
CVE-2023-32997
Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login...