An session fixation vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and previous versions in GithubSecurityRealm.java that allows unauthorized malicious users to impersonate another user if they can control the pre-authentication session.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins github oauth |