CVE-2014-2066

Publication date

2014-10-17 15:00:00

Family

debian

State

PUBLISHED

Description

Session fixation vulnerability in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to hijack web sessions via vectors involving the "override" of Jenkins cookies.