Lucene search
HistoryJan 26, 2023 - 9:18 p.m.
CVE-2023-24458
cve-2023-24458
cross-site request forgery
jenkins bearychat plugin
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
33.0%
A cross-site request forgery (CSRF) vulnerability in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified URL.
Affected configurations
Node
jenkinsbearychatRange≤3.0.2jenkins
Related
github
github
Cross-site request forgery vulnerability in Jenkins BearyChat Plugin
2023-01-26 21:30:17
cve
cve
CVE-2023-24458
2023-01-26 21:18:19
osv
osv
CVE-2023-24458
2023-01-26 21:18:19
Cross-site request forgery vulnerability in Jenkins BearyChat Plugin
2023-01-26 21:30:17
prion
prion
Cross site request forgery (csrf)
2023-01-26 21:18:00
cvelist
cvelist
CVE-2023-24458
2023-01-24 00:00:00
alpinelinux
alpinelinux
CVE-2023-24458
2023-01-26 21:18:19
nessus
nessus
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
33.0%
Related for NVD:CVE-2023-24458