cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-32997,https://securityvulnerability.io/vulnerability/CVE-2023-32997,Session Management Flaw in Jenkins CAS Plugin by Jenkins,"The Jenkins CAS Plugin, up to version 1.6.2, contains a session management error where prior user sessions are not invalidated upon login. This vulnerability can allow attackers to potentially access sensitive user data if they exploit the delayed session invalidation. Properly managing user sessions is a critical aspect of application security, and the failure to do so can lead to significant risks, especially in collaborative environments.",Jenkins,Jenkins Cas Plugin,8.8,HIGH,0.0020099999383091927,false,,false,false,false,,,false,false,,2023-05-16T17:15:00.000Z,0
CVE-2021-21673,https://securityvulnerability.io/vulnerability/CVE-2021-21673,,"Jenkins CAS Plugin 1.6.0 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.",Jenkins,Jenkins Cas Plugin,6.1,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2021-06-30T16:45:20.000Z,0