Description
jenkins before versions 2.44, 2.32.2 is vulnerable to an improper blacklisting of the Pipeline metadata files in the agent-to-master security subsystem. This could allow metadata files to be written to by malicious agents (SECURITY-358).
Remediation
References
Related Vulnerabilities
Elgg Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-3964)
WordPress Plugin Store Locator Plus for WordPress Privilege Escalation (5.5.14)
WordPress Plugin Ocean Extra Cross-Site Scripting (1.9.4)
WordPress Plugin NewStatPress Cross-Site Scripting (1.2.4)
WordPress Plugin EmbedStories-Display social media stories Cross-Site Scripting (0.7.4)