A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy a view inside a folder.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors Products
Jenkins
  • Folders

Configuration 1 [-]

cpe:2.3:a:jenkins:folders:*:*:*:*:*:jenkins:*:*
References
Link Resource
http://www.openwall.com/lists/oss-security/2023/08/16/3 Mailing List
https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3105 Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: jenkins

Published: 2023-08-16T14:32:50.031Z

Updated: 2023-10-24T12:51:20.506Z

Reserved: 2023-08-14T16:02:56.435Z

Link: CVE-2023-40337

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2023-08-16T15:15:11.420

Modified: 2023-08-22T18:45:37.287

Link: CVE-2023-40337

JSON object: View

cve-icon Redhat Information

No data.

CWE