Jenkins Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2017-2613 - Vulnerability Database

Jenkins Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2017-2613

Medium

Reference: CVE-2017-2613

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-2613

Title: Jenkins Cross-Site Request Forgery (CSRF) Vulnerability

Overview:

jenkins before versions 2.44 2.32.2 is vulnerable to a user creation CSRF using GET by admins. While this user record was only retained until restart in most cases administrators39 web browsers could be manipulated to create a large number of user records (SECURITY-406).