CVE-2024-23902 | GitLab Branch Source Plugin up to 684.vea_fa_7c1e2fe3 on Jenkins POST Request cross-site request forgery

Inserito da Angelo Barbosa | Gen 24, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in GitLab Branch Source Plugin up to 684.vea_fa_7c1e2fe3 on Jenkins. Affected by this issue is some unknown functionality of the component POST Request Handler. The manipulation leads to cross-site request forgery.

This vulnerability is handled as CVE-2024-23902. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23902 | GitLab Branch Source Plugin up to 684.vea_fa_7c1e2fe3 on Jenkins POST Request cross-site request forgery

Post correlati

CVE-2024-6970 | itsourcecode Tailoring Management System 1.0 /staffcatadd.php title sql injection

CVE-2024-31409 | CyberPower PowerPanel up to 4.9.0 MQTT Wildcard improper authorization (icsa-24-123-01)

CVE-2024-2014 | Panabit Panalog 202103080942 sprog_upstatus.php id sql injection

CVE-2024-22338 | IBM Security Verify Access OIDC Provider up to 23.03 information disclosure (XFDB-279978)