Description
jenkins before versions 2.44, 2.32.2 is vulnerable to an information disclosure vulnerability in search suggestions (SECURITY-385). The autocomplete feature on the search box discloses the names of the views in its suggestions, including the ones for which the current user does not have access to.
Remediation
References
Related Vulnerabilities
WordPress Plugin UserPro-Community and User Profile Security Bypass (4.9.17)
WordPress Plugin 3D Flick Slideshow 'upload.php' Arbitrary File Upload (2.1)
WordPress Plugin LiveSig 'wp-root' Parameter Remote File Include (0.4)
WordPress Plugin Advanced User Registration and Management Cross-Site Scripting (2.3.5)