Description
A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master.
Remediation
References
https://jenkins.io/security/advisory/2018-04-16/
Related Vulnerabilities
CVE-2022-28157 Vulnerability in maven package com.surenpi.jenkins:phoenix-autotest
CVE-2019-7611 Vulnerability in maven package org.elasticsearch:elasticsearch
CVE-2019-0219 Vulnerability in npm package cordova-plugin-inappbrowser
CVE-2023-26136 Vulnerability in maven package org.webjars.bowergithub.salesforce:tough-cookie
CVE-2017-5641 Vulnerability in maven package org.apache.flex.blazeds:flex-messaging-core