Jenkins: >> Blue Ocean >> 1.27.4 Security Vulnerabilities
A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and earlier allows attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-08-16