Cross-Site Request Forgery (CSRF) Vulnerability in Jenkins Assembla Auth Plugin 1.14 and Earlier Allows Account Hijacking

Cross-Site Request Forgery (CSRF) Vulnerability in Jenkins Assembla Auth Plugin 1.14 and Earlier Allows Account Hijacking

CVE-2023-37961 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A cross-site request forgery (CSRF) vulnerability in Jenkins Assembla Auth Plugin 1.14 and earlier allows attackers to trick users into logging in to the attacker's account.

Learn more about our User Device Pen Test.