Lucene search
Keycloak Authentication Security Vulnerabilities
cve
Jenkins Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate the previous session on login.
9.8CVSS
9.4AI Score
0.002EPSS
2023-01-26 09:18 PM
54
cve
A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account.
6.5CVSS
6.4AI Score
0.001EPSS
2023-01-26 09:18 PM
45