CVE-2019-10353

Summary

CSRF tokens in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier did not expire, thereby allowing attackers able to obtain them to bypass CSRF protection.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins2.185 and earlier, LTS 2.176.1 and earlieraffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References