Description
The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Username Changer Multiple Vulnerabilities (1.4)
SharePoint Improper Input Validation Vulnerability (CVE-2020-1025)
Internet Information Services Other Vulnerability (CVE-2000-0246)
Dolibarr Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-14240)
Joomla Improper Access Control Vulnerability (CVE-2015-7899)