- If you are using nginx as a reverse proxy in front of Jenkins, you need an extra system property on Jenkins "
-Dhudson.security.csrf.requestfield=Jenkins-Crumb". See JENKINS-23793 for more details
- If you have scripts and other programs that access Jenkins via REST API, they can be impacted. See its CSRF section for more information about how to update those scripts.