vulnerability

FreeBSD: VID-7A7891FC-6318-447A-BA45-31D525EC11A0 (CVE-2019-10384): jenkins -- multiple vulnerabilities

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Aug 28, 2019
Added
Aug 29, 2019
Modified
Sep 17, 2019

Description

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.


From VID-7A7891FC-6318-447A-BA45-31D525EC11A0:




Jenkins Security Advisory:



Description


(Medium) SECURITY-1453 / CVE-2019-10383


Stored XSS vulnerability in update center


(High) SECURITY-1491 / CVE-2019-10384


CSRF protection tokens for anonymous users did not expire in some circumstances




Solution(s)

freebsd-upgrade-package-jenkinsfreebsd-upgrade-package-jenkins-lts
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.