CVE-2021-21679

Summary

Jenkins Azure AD Plugin 179.vf6841393099e and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Azure AD Plugin164.v5b48baa961d2 < unspecifiedaffected
Jenkins projectJenkins Azure AD Pluginunspecified <= 179.vf6841393099eaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References