CVE-2019-10371

A session fixation vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows unauthorized attackers to impersonate another user if they can control the pre-authentication session.
References
Configurations

Configuration 1

cpe:2.3:a:jenkins:gitlab_oauth:*:*:*:*:*:jenkins:*:*

Information

Published : 2019-08-07 03:15

Updated : 2019-10-09 11:44


NVD link : CVE-2019-10371

Mitre link : CVE-2019-10371

Products Affected
No products.
CWE
CWE-384

Session Fixation