CVE-2023-43502
published 2023-09-20CVE-2023-43502: A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to delete Failure Causes.
medium4.3CVSS 3.1
AVNACLPRNUIRSUCNILAN
A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to delete Failure Causes.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | build_failure_analyzer | < 2.4.2 | 2.4.2 |
| jenkins | build_failure_analyzer_plugin | — | — |
| jenkins | jenkins_core | — | — |
| jenkins | jenkins_creates_a_temporary_file_when_a_plugin | — | — |
| jenkins | jenkins_lts | — | — |
| jenkins | jenkins_weekly | — | — |
| jenkins_project | jenkins_build_failure_analyzer_plugin | <= 2.4.1 | — |