A cross-site request forgery (CSRF) vulnerability in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers to connect to Frugal Testing using attacker-specified credentials, and to retrieve test IDs and names from Frugal Testing, if a valid credential corresponds to the attacker-specified username.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jenkins
Published: 2023-09-06T12:09:02.919Z
Updated: 2024-08-02T19:09:49.381Z
Reserved: 2023-09-05T16:39:57.394Z
Link: CVE-2023-41946
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-09-06T13:15:11.887
Modified: 2023-09-11T19:07:01.407
Link: CVE-2023-41946
Redhat
No data.