Jenkins OpenID Plugin CSRF Vulnerability: Account Hijacking via Login Manipulation
CVE-2023-24446 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
A cross-site request forgery (CSRF) vulnerability in Jenkins OpenID Plugin 2.4 and earlier allows attackers to trick users into logging in to the attacker's account.
Learn more about our User Device Pen Test.