Description
A cross-site request forgery (CSRF) vulnerability in Jenkins LDAP Plugin allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials.
Remediation
References
https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3046
Related Vulnerabilities
CVE-2015-5169 Vulnerability in maven package org.apache.struts:struts2-core
CVE-2019-20503 Vulnerability in maven package org.webjars.npm:electron
CVE-2021-21602 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2023-45143 Vulnerability in maven package org.webjars.npm:undici
CVE-2020-1936 Vulnerability in maven package org.apache.ambari:ambari-web