Description
The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability (CVE-2020-36155)
Apache HTTP Server Incorrect Calculation of Buffer Size Vulnerability (CVE-2004-0747)
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.15)
WordPress Plugin WP Activity Log Security Bypass (4.0.1)
WordPress Plugin Uploader 'uploadify.php' Arbitrary File Upload (1.0.4)