ASA-2019-00102 – Jenkins: Session fixation vulnerability in GitHub Authentication Plugin

GitHub Authentication Plugin did not invalidate the previous session and create a new one upon successful login, allowing attackers able to control or obtain another user’s pre-login session ID to impersonate them.