CVE-2021-21671

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login.

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login.

https://www.jenkins.io/security/advisory/2021-06-30/#SECURITY-2371

http://www.openwall.com/lists/oss-security/2021/06/30/1

v2: / HIGH

v3: /