Back to bug 2232422
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Zack Miele | 2023-08-16 19:50:56 UTC | Blocks | 2232427 | |
| Guilherme de Almeida Suckevicz | 2023-08-16 20:19:19 UTC | CC | dfreiber, jburrell, rogbas, vkumar | |
| Guilherme de Almeida Suckevicz | 2023-08-16 20:26:19 UTC | Summary | TRIAGE-CVE-2023-40341 Re: Multiple vulnerabilities in Jenkins plugins | TRIAGE-CVE-2023-40341 jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials |
| Avinash Hanwate | 2023-08-17 06:37:34 UTC | Alias | TRIAGE-CVE-2023-40341 | CVE-2023-40341 |
| Fixed In Version | Blue Ocean Plugin 1.27.5.1 | |||
| Doc Text | A flaw was found in the blueocean Jenkins plugin. Affected versions of this plugin allow attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job. | |||
| Summary | TRIAGE-CVE-2023-40341 jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials | CVE-2023-40341 jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials |
Back to bug 2232422