Fedora Account System
Red Hat Associate
Red Hat Customer
A vulnerability was found in Jenkins 2.227 and earlier, LTS 2.204.5 and earlier uses different representations of request URL paths, which allows attackers to craft URLs that allow bypassing CSRF protection of any target URL. Reference: http://www.openwall.com/lists/oss-security/2020/03/25/2
External References: https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1774