CVE-2019-10353

Published: Jul 17, 2019
Updated: Oct 26, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2019-10353" target="_blank" rel="noopener"> CVE-2019-10353
GHSA: <a href="https://github.com/advisories/GHSA-hcxf-rq72-h4rr" target="_blank" rel="noopener"> GHSA-hcxf-rq72-h4rr
Severity: High
Exploit:

CSRF tokens in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier did not expire, thereby allowing attackers able to obtain them to bypass CSRF protection.

CVSS v3:

CVSS v2:

CWEs: