Description
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents.
Remediation
References
Related Vulnerabilities
WordPress Plugin Infusionsoft Gravity Forms Add-on Arbitrary File Upload (1.5.10)
WordPress Plugin Gravity Forms HubSpot Cross-Site Scripting (1.0.8)
MySQL CVE-2015-4802 Vulnerability (CVE-2015-4802)
Jboss EAP Improper Initialization Vulnerability (CVE-2023-4503)
Atlassian Jira Insufficient Session Expiration Vulnerability (CVE-2021-39113)