Description
The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages.
Remediation
References
Related Vulnerabilities
silverstripeCMS Credentials Management Errors Vulnerability (CVE-2010-5092)
WebLogic Improper Access Control Vulnerability (CVE-2026-35298)
WordPress 5.8.x Multiple Vulnerabilities (5.8 - 5.8.2)
IBMHttpServer Untrusted Pointer Dereference Vulnerability (CVE-2026-8835)
WordPress Plugin Collision Testimonials 'admin.php' SQL Injection (3.0)