CVE-2015-1814

2015-10-16T20:59:00
ID CVE-2015-1814
Type cve
Reporter cve@mitre.org
Modified 2016-06-15T17:04:00

Description

The API token-issuing service in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to gain privileges via a "forced API token change" involving anonymous users.