A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account.
2023-01-26T21:18:19.037
2025-04-02T14:15:42.560
Modified
CVSSv3.1: 6.5 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | jenkins | keycloak_authentication | ≤ 2.3.0 | Yes |