vulnerability
FreeBSD: VID-7A7891FC-6318-447A-BA45-31D525EC11A0 (CVE-2019-10384): jenkins -- multiple vulnerabilities
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Aug 28, 2019 | Aug 29, 2019 | Sep 17, 2019 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Aug 28, 2019
Added
Aug 29, 2019
Modified
Sep 17, 2019
Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
From VID-7A7891FC-6318-447A-BA45-31D525EC11A0:
Jenkins Security Advisory:
Description
(Medium) SECURITY-1453 / CVE-2019-10383
Stored XSS vulnerability in update center
(High) SECURITY-1491 / CVE-2019-10384
CSRF protection tokens for anonymous users did not expire in some circumstances
Solution(s)
freebsd-upgrade-package-jenkinsfreebsd-upgrade-package-jenkins-lts
References

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.