FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jenkins -- multiple vulnerabilities

Affected packages
jenkins <= 2.191
jenkins-lts <= 2.176.2

Details

VuXML ID 7a7891fc-6318-447a-ba45-31d525ec11a0
Discovery 2019-08-28
Entry 2019-08-28

Jenkins Security Advisory:

Description

(Medium) SECURITY-1453 / CVE-2019-10383

Stored XSS vulnerability in update center

(High) SECURITY-1491 / CVE-2019-10384

CSRF protection tokens for anonymous users did not expire in some circumstances

[source]

References

CVE Name CVE-2019-10383
CVE Name CVE-2019-10384
URL https://jenkins.io/security/advisory/2019-08-28/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.