3 matches found
CVE-2025-67639
A cross-site request forgery CSRF vulnerability in Jenkins 2.540 and earlier, LTS 2.528.2 and earlier allows attackers to trick users into logging in to the attacker's account...
PT-2025-50357
Name of the Vulnerable Software and Affected Versions Jenkins versions 2.540 and earlier Jenkins LTS versions 2.528.2 and earlier Description A cross-site request forgery CSRF issue exists in Jenkins that could allow an attacker to trick users into logging in to the attacker’s account. A CSRF...
PT-2025-50353
Name of the Vulnerable Software and Affected Versions Jenkins versions 2.540 and earlier Jenkins LTS versions 2.528.2 and earlier Description Jenkins does not properly close HTTP-based CLI connections when the connection stream becomes corrupted. This can allow unauthenticated attackers to cause ...