Description

JFrog Artifactory versions 7.59 and above, but below 7.59.18, 7.63.18, 7.68.19, 7.71.8 are vulnerable to an issue whereby user interaction with specially crafted URLs could lead to exposure of user access tokens due to improper handling of the CLI / IDE browser based SSO integration.

Remediation

References

CVE-2023-42662

Related Vulnerabilities

WordPress Plugin Social Articles Security Bypass (2.4)

WordPress Plugin Social Sharing-Sassy Social Share Cross-Site Scripting (3.3.44)

WordPress Plugin WP BASE Booking of Appointments, Services and Events PHP Object Injection (3.5.0)

WordPress Plugin Request Quote via Whatsapp for Woocommerce Cross-Site Scripting (1.0.1)

Oracle Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2002-2347)

Severity

Medium

Classification

CVE-2023-42662 CWE-287 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities