PT-2023-24127 · Jenkins · Jenkins SAML Single Sign On (SSO) Plugin +1

Kevin Guerroudj · Published 2023-05-16 · Updated 2023-05-31 · CVE-2023-32996

CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Jenkins SAML Single Sign On (SSO) Plugin versions 2.0.0 and earlier

Description
A missing permission check in the Jenkins SAML Single Sign On (SSO) Plugin allows attackers with Overall/Read permission to send an HTTP POST request with a JSON body containing attacker-specified content to miniOrange's API for sending emails. The same endpoint also has a cross-site request forgery (CSRF) vulnerability, because it does not require POST requests and can therefore be triggered by a request that a victim's browser is induced to make.

Recommendations
For Jenkins SAML Single Sign On (SSO) Plugin versions 2.0.0 and earlier, update to version 2.0.1 or later, which removes the affected HTTP endpoint. As a temporary workaround, consider restricting access to the vulnerable HTTP endpoint to reduce the risk of exploitation. Additionally, restrict the use of the Overall/Read permission so that fewer accounts are able to send requests to miniOrange's API through the plugin.
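The two findings in the description are the two guards a Jenkins web method normally carries: a permission check and a POST requirement. The following is an added illustration, not code from the SAML SSO plugin or from the PT advisory. It shows an unguarded Stapler endpoint with both defects next to a hardened one, using the real Jenkins and Stapler APIs (`@RequirePOST`, `Jenkins.get().checkPermission`). The action class, its URL name, the permission chosen and the `sendToMailApi` helper (which only logs here) are assumptions for the example; the vendor's actual API call is not shown.

```java
package example.hardening; // hypothetical package, not the plugin's own

import hudson.Extension;
import hudson.model.RootAction;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.StaplerRequest;
import org.kohsuke.stapler.StaplerResponse;
import org.kohsuke.stapler.interceptor.RequirePOST;

import java.io.IOException;
import java.util.logging.Logger;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletResponse;

/**
 * Hypothetical root action exposing an endpoint that relays a JSON body to an
 * external mail API. Added example: contrasts the unguarded shape described in
 * the advisory with the guarded shape a reviewer should expect.
 */
@Extension
public class ExampleNotifyAction implements RootAction {

    private static final Logger LOG = Logger.getLogger(ExampleNotifyAction.class.getName());
    private static final int MAX_BODY_BYTES = 8 * 1024; // assumed limit for the example

    @Override public String getIconFileName() { return null; } // no sidebar entry
    @Override public String getDisplayName()  { return null; }
    @Override public String getUrlName()      { return "example-notify"; } // hypothetical URL

    /**
     * DEFECTIVE shape (do not ship): reachable at /example-notify/unguardedSend.
     * 1. No checkPermission(): any account that can reach Jenkins at all
     *    (Overall/Read) may invoke it.
     * 2. No @RequirePOST: a plain GET triggers it, so a link or image tag on a
     *    page the user visits can fire the request with their session (CSRF).
     */
    public void doUnguardedSend(StaplerRequest req, StaplerResponse rsp) throws IOException {
        String body = readBody(req);
        sendToMailApi(body);
        rsp.setStatus(HttpServletResponse.SC_NO_CONTENT);
    }

    /**
     * Hardened shape: reachable at /example-notify/send.
     * @RequirePOST rejects non-POST requests with 405 and, together with
     * Jenkins' crumb filter, closes the CSRF path; checkPermission() throws
     * AccessDeniedException (rendered as 403) unless the caller holds the
     * permission. Overall/Administer is the assumed permission here because
     * the action contacts a third-party service on the server's behalf.
     */
    @RequirePOST
    public void doSend(StaplerRequest req, StaplerResponse rsp) throws IOException {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);

        String contentType = req.getContentType();
        if (contentType == null || !contentType.startsWith("application/json")) {
            rsp.sendError(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE, "expected application/json");
            return;
        }
        if (req.getContentLength() > MAX_BODY_BYTES) {
            rsp.sendError(HttpServletResponse.SC_REQUEST_ENTITY_TOO_LARGE, "body too large");
            return;
        }

        String body = readBody(req);
        // Audit who triggered an outbound call; useful for detection after the fact.
        LOG.info(() -> "mail relay requested by " + Jenkins.getAuthentication2().getName());
        sendToMailApi(body);
        rsp.setStatus(HttpServletResponse.SC_NO_CONTENT);
    }

    private static String readBody(StaplerRequest req) throws IOException {
        return req.getReader().lines().collect(Collectors.joining("\n"));
    }

    /** Placeholder for the outbound call; the example only logs the payload size. */
    private static void sendToMailApi(String json) {
        LOG.fine(() -> "would forward " + json.length() + " bytes to the mail API");
    }
}
```

Jenkins ships a POST-requirement check for the `doXxx` naming convention; in practice, running a plugin build with the Jenkins test harness reports web methods that lack `@RequirePOST`, which is the kind of check that would have flagged the first defect above. For the plugin on this page the vendor chose to remove the endpoint entirely in 2.0.1 rather than guard it, so confirming the installed version from Manage Jenkins > Plugins is the check an administrator needs.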

Fix

Weakness Enumeration
Incorrect Default Permissions

Related Identifiers
CVE-2023-32996
GHSA-W88F-J9RC-H7V3

Affected Products
Jenkins
Jenkins SAML Single Sign On (SSO) Plugin