CVE-2021-21679

September 8, 2021

Jenkins Azure AD Plugin 179.vf6841393099e and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.

Summary:

Jenkins Azure AD Plugin 179.vf6841393099e and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.

Reference Links(if available):

  • https://www.jenkins.io/security/advisory/2021-08-31/#SECURITY-2470
  • http://www.openwall.com/lists/oss-security/2021/08/31/1

  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • You may have missed

    news

    UK Shoppers Warned: Over £11.5m Lost to Scammers Last Christmas

    November 19, 2024
    news

    FTC Reports 50% Decline in Scam and Nuisance Calls Since 2021

    November 19, 2024
    news

    BeaverTail Phishing Campaign: The Threat of North Korean IT Workers

    November 19, 2024
    news

    Phishing Scam Alert: Fake Donald Trump Assassination Story Circulating

    November 19, 2024
    news

    Increase in DocuSign Phishing Attacks Targeting US State Contractors

    November 19, 2024