jenkins_cas

unspecified

OTHER 1 CVE

1.6.0

SEMANTIC 1 CVE

1.6.2

SEMANTIC 1 CVE

0

SINGLE_NUMBER 1 CVE

CVE-2023-32997

Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login.

UNKNOWN May 16, 2023

CVE-2021-21673

Jenkins CAS Plugin 1.6.0 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.

UNKNOWN Jun 30, 2021