Description
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents.
Remediation
References
Related Vulnerabilities
WordPress Plugin Simple Photo Gallery SQL Injection (1.7.9)
WordPress Plugin Product Lister for Walmart Remote Code Execution (1.0.1)
MySQL CVE-2016-7440 Vulnerability (CVE-2016-7440)
WordPress Plugin MediaElement.js-HTML5 Video & Audio Player Cross-Site Scripting (4.2.8)
Apache Tomcat Off-by-one Error Vulnerability (CVE-2023-28709)