2 matches found
CVE-2023-37945
A missing permission check in Jenkins SAML Single Sign OnSSO Plugin 2.1.0 through 2.3.0 both inclusive allows attackers with Overall/Read permission to download a string representation of the current security realm...
CVE-2023-37945
The CVE concerns Jenkins SAML Single Sign On (SSO) Plugin. A missing permission check in HTTP endpoints allows attackers with Overall/Read to download a string representation of the current security realm. Affected versions are 2.1.0 through 2.3.0; 2.3.1 fixes the issue. Impacts are limited to in...