CVE-2021-21678

Summary

Jenkins SAML Plugin 2.0.7 and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins SAML Plugin1.1.3 < unspecifiedaffected
Jenkins projectJenkins SAML Pluginunspecified <= 2.0.7affected
Jenkins projectJenkins SAML Plugin1.1.8unaffected
Jenkins projectJenkins SAML Plugin2.0.3.1unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References