Back to search
CVE-2023-32995
Published: May 16, 2023
Modified: Jan 23, 2025
PUBLISHED
Description
A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails.
| Vendor | Product | Versions |
|---|---|---|
Jenkins Project | Jenkins SAML Single Sign On(SSO) Plugin | affected 0 - <= 2.0.0 |
References
Jenkins Security Advisory 2023-05-16
vendor-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now