CVE List

CVE-2019-10353

Critical 7.5

CSRF tokens in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier did not expire, thereby allowing attackers able to obtain them to bypass CSRF protection.

Published July 17, 2019.

Affected software

Jenkins Jenkins

Reference links

Sign Up for Alerts