CVE-2013-0327

Description

Cross-site request forgery (CSRF) vulnerability in Jenkins master in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to hijack the authentication of users via unknown vectors.

Affected packages (1)

• Maven/org.jenkins-ci.main:jenkins-core>= 1.481, < 1.502

References (8)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2013-0327
• WEBhttp://rhn.redhat.com/errata/RHSA-2013-0638.html
• WEBhttps://access.redhat.com/errata/RHSA-2013:0638
• WEBhttps://access.redhat.com/security/cve/CVE-2013-0327
• WEBhttps://bugzilla.redhat.com/show_bug.cgi?id=914875
• WEBhttps://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
• WEBhttp://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb
• WEBhttp://www.openwall.com/lists/oss-security/2013/02/21/7