The host is installed with Jenkins LTS through 2.150.1 or Jenkins rolling release through 2.158 and is prone to an improper authorization vulnerability. The flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java. Successful exploitation could attackers to extend the duration of active http sessions inde ...