CVE-2023-32980

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-32980

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-32980.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-32980

Aliases

GHSA-2f89-66v2-9p53

Downstream

RHSA-2023:3625

Published

2023-05-16T16:15:10.753Z

Modified

2026-04-11T12:45:16.296251Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an attacker-specified job.

References

https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(2)

Affected packages

Git / github.com/jenkinsci/email-ext-plugin

Affected ranges

Type

GIT

Repo

https://github.com/jenkinsci/email-ext-plugin

Events

Introduced

Last affected

2188d677142eacb5164b6055bfe9dca6a7f3a787

Database specific

{
    "source": "CPE_FIELD",
    "cpe": "cpe:2.3:a:jenkins:email_extension:*:*:*:*:*:jenkins:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.96"
        }
    ]
}

Affected versions

email-ext-2.*

email-ext-2.11

email-ext-2.12

email-ext-2.13

email-ext-2.14

email-ext-2.15

email-ext-2.16

email-ext-2.17

email-ext-2.18

email-ext-2.19

email-ext-2.20

email-ext-2.21

email-ext-2.22

email-ext-2.24

email-ext-2.24.1

email-ext-2.25

email-ext-2.27

email-ext-2.27.1

email-ext-2.29

email-ext-2.30

email-ext-2.30.1

email-ext-2.30.2

email-ext-2.31

email-ext-2.32

email-ext-2.33

email-ext-2.34

email-ext-2.35

email-ext-2.35.1

email-ext-2.37

email-ext-2.37.1

email-ext-2.37.2

email-ext-2.39

email-ext-2.40

email-ext-2.40.2

email-ext-2.41

email-ext-2.41.2

email-ext-2.42

email-ext-2.43

email-ext-2.44

email-ext-2.45

email-ext-2.46

email-ext-2.47

email-ext-2.48

email-ext-2.49

email-ext-2.50

email-ext-2.51

email-ext-2.52

email-ext-2.55

email-ext-2.56

email-ext-2.57

email-ext-2.58

email-ext-2.59

email-ext-2.60

email-ext-2.61

email-ext-2.62

email-ext-2.63

email-ext-2.64

email-ext-2.65

email-ext-2.66

email-ext-2.67

email-ext-2.68

email-ext-2.69

email-ext-2.71

email-ext-2.72

email-ext-2.73

email-ext-2.74

email-ext-2.75

email-ext-2.76

email-ext-2.77

email-ext-2.78

email-ext-2.79

email-ext-2.80

email-ext-2.81

email-ext-2.82

email-ext-2.83

email-ext-2.84

email-ext-2.85

email-ext-2.86

email-ext-2.87

email-ext-2.88

email-ext-2.89

email-ext-2.90

email-ext-2.91

email-ext-2.92

email-ext-2.93

email-ext-2.95

email-ext-2.96

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-32980.json"