Description
Diagnosis Controller miss parameter validation, so user may attacked by command injection via HTTP Request.
Remediation
References
https://lists.apache.org/thread/7ctchj24dofgsj9g1rg1245cms9myb34
Related Vulnerabilities
CVE-2018-5158 Vulnerability in npm package pdfjs-dist
CVE-2022-36907 Vulnerability in maven package org.jenkins-ci.plugins:openshift-deployer
CVE-2022-25766 Vulnerability in npm package ungit
CVE-2019-10367 Vulnerability in maven package io.jenkins:configuration-as-code
CVE-2022-1291 Vulnerability in maven package org.webjars.bowergithub.hhurz:tableexport.jquery.plugin