CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account. |
1Jenkins 1Keycloak Authentication Jun 17, 2026 Jan 26, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Jenkins Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate the previous session on login. |