CVE List

CVE-2019-10353

Critical 7.5

CSRF tokens in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier did not expire, thereby allowing attackers able to obtain them to bypass CSRF protection.

Published July 17, 2019.

Affected software

Get alerts for Jenkins Jenkins

Reference links