diff --git a/2019/1003xxx/CVE-2019-1003049.json b/2019/1003xxx/CVE-2019-1003049.json
index 415f1e7889c..cb62c862c95 100644
--- a/2019/1003xxx/CVE-2019-1003049.json
+++ b/2019/1003xxx/CVE-2019-1003049.json
@@ -33,7 +33,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches."
+                "value": "Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches."
             }
         ]
     },
diff --git a/2019/1003xxx/CVE-2019-1003050.json b/2019/1003xxx/CVE-2019-1003050.json
index bae9402f858..af574018f6c 100644
--- a/2019/1003xxx/CVE-2019-1003050.json
+++ b/2019/1003xxx/CVE-2019-1003050.json
@@ -33,7 +33,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "A form control for the Jenkins UI did not properly escape job URLs, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names."
+                "value": "A form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names."
             }
         ]
     },