4 matches found
CVE-2023-39153
A cross-site request forgery CSRF vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker's account...
CVE-2023-39153
A cross-site request forgery CSRF vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker's account...
CVE-2023-39153
CVE-2023-39153 is a CSRF vulnerability in Jenkins GitLab Authentication Plugin versions ≤ 1.17.1. The flaw allows an attacker to lure a logged-in user into authenticating to the attacker’s account, via a crafted request, effectively abusing the OAuth flow. The root cause is the plugin’s lack of a...
CVE-2023-39153
A cross-site request forgery CSRF vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker's account...