CVE-2023-40351
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Aug 16, 2023
Updated: Aug 22, 2023
CWE ID 352
Summary
CVE-2023-40351 is a newly disclosed cross-site request forgery (CSRF) vulnerability affecting the Jenkins Favorite View Plugin version 5.v77a_37f62782d and prior. This issue permits attackers to manipulate another user's favorite views tab bar by executing malicious requests. As a result, users can unwittingly add or remove favorite views, potentially disrupting their workflows or compromising critical configurations. This vulnerability underscores the importance of keeping Jenkins plugins updated to mitigate potential security risks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share