Description
A exposure of sensitive information vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in Computer.java that allows attackers With Overall/Read permission to access the connection log for any agent.
Remediation
References
Related Vulnerabilities
WordPress Plugin Hide My WP Cross-Site Scripting (4.51.1)
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25608)
WordPress Plugin Wholesale Market for WooCommerce Directory Traversal (1.0.8)
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-23181)
Django Incorrect Regular Expression Vulnerability (CVE-2018-7537)