Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-rr93-7c6x-8v4v

GitHub Security Advisory

Cross-Site Request Forgery in Jenkins Azure Credentials Plugin

✓ GitHub Reviewed HIGH Has CVE
View on GitHub

Advisory Details

A cross-site request forgery (CSRF) vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server.

Affected Packages

Maven org.jenkins-ci.plugins:azure-credentials
Affected versions: 0 (fixed in 254.v64da_8176c83a)

Related CVEs

CVE-2023-25767

Key Information

GHSA ID
GHSA-rr93-7c6x-8v4v
Published
February 15, 2023 3:30 PM
Last Modified
February 24, 2023 4:03 PM
CVSS Score
7.5 /10
Primary Ecosystem
Maven
Primary Package
org.jenkins-ci.plugins:azure-credentials
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 5, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.