Jenkins GitLab Auth Plugin <1.17.1 (CSRF: forced login)
CVE-2023-39153 Published on July 26, 2023

A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker's account.

Vendor Advisory NVD

Products Associated with CVE-2023-39153

Want to know whenever a new CVE is published for Jenkins Gitlab Authentication? stack.watch will email you.

Jenkins Gitlab Authentication

Affected Versions

Jenkins Project Jenkins GitLab Authentication Plugin:

Before and including 1.17.1 is affected.

Exploit Probability

EPSS

0.08%

Percentile

23.56%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Jenkins GitLab Auth Plugin <1.17.1 (CSRF: forced login)CVE-2023-39153 Published on July 26, 2023

Products Associated with CVE-2023-39153

Affected Versions

Exploit Probability

Jenkins GitLab Auth Plugin <1.17.1 (CSRF: forced login)
CVE-2023-39153 Published on July 26, 2023