CVE-2019-10315

Jenkins GitHub Authentication Plugin 0.31 and earlier did not use the state parameter of OAuth to prevent CSRF.
Source: NIST
CVE-2019-10315