Description
Jenkins Pipeline: Input Step Plugin 448.v37cea_9a_10a_70 and earlier archives files uploaded for `file` parameters for Pipeline `input` steps on the controller as part of build metadata, using the parameter name without sanitization as a relative path inside a build-related directory, allowing attackers able to configure Pipelines to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.
Remediation
References
https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2705
Related Vulnerabilities
CVE-2023-29511 Vulnerability in maven package org.xwiki.platform:xwiki-platform-administration-ui
CVE-2021-42767 Vulnerability in maven package org.neo4j.procedure:apoc
CVE-2023-50766 Vulnerability in maven package org.sonatype.nexus.ci:nexus-jenkins-plugin
CVE-2014-3502 Vulnerability in npm package cordova-android
CVE-2016-3088 Vulnerability in maven package org.apache.activemq:activemq-fileserver