CVE-2013-0327

描述

Cross-site request forgery (CSRF) vulnerability in Jenkins master in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to hijack the authentication of users via unknown vectors.

受影響套件(1)

• Maven/org.jenkins-ci.main:jenkins-core>= 1.481, < 1.502

參考連結(8)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2013-0327
• WEBhttp://rhn.redhat.com/errata/RHSA-2013-0638.html
• WEBhttps://access.redhat.com/errata/RHSA-2013:0638
• WEBhttps://access.redhat.com/security/cve/CVE-2013-0327
• WEBhttps://bugzilla.redhat.com/show_bug.cgi?id=914875
• WEBhttps://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
• WEBhttp://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb
• WEBhttp://www.openwall.com/lists/oss-security/2013/02/21/7