Description
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with multiple accounts to cause a denial of service (unable to login) by editing the "full name."
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Dynamic Keywords Injector Cross-Site Request Forgery (2.3.15)
Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2021-33334)
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5338)
WordPress 2.8.3 Admin Password Reset Security Bypass Vulnerability (0.6.2 - 2.8.3)
WordPress Plugin Contact Form by BestWebSoft Email Header Injection (3.83)