CSRF Vulnerability in Jenkins Gerrit Trigger Plugin Allows Unauthorized Rebuilding of Previous Builds

CVE-2023-24423 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit.
