Jenkins Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate the previous session on login.
2023-01-26T21:18:18.957
2025-04-02T14:15:42.353
Modified
CVSSv3.1: 9.8 (CRITICAL)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | jenkins | keycloak_authentication | ≤ 2.3.0 | Yes |