CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Cas >> 1.4.3 Security Vulnerabilities

CVE-2023-32997

Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login.

CVSS Score

8.8

EPSS Score

0.002

Published

2023-05-16

CVE-2021-21673

Jenkins CAS Plugin 1.6.0 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.

CVSS Score

6.1

EPSS Score

0.007

Published

2021-06-30

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> Cas >> 1.4.3 Security Vulnerabilities

Products

Pricing

Contact Us