A missing permission check in Jenkins SAML Single Sign On (SSO) Plugin versions 2.1.0 through 2.3.0 (both inclusive) allows attackers with Overall/Read permission to download a string representation of the current security realm.
Vulnerable Product |
---|
jenkins saml single sign on |