📦 Cas

The Jenkins CAS Plugin 1.6.2 and earlier fails to invalidate previous user sessions upon login, allowing session fixation attacks. This vulnerability enables attackers to hijack user sessions by forci...