Description

Directory traversal vulnerability in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to list directory contents and read arbitrary files in the Jenkins servlet resources via directory traversal sequences in a request to jnlpJars/.

Remediation

References

CVE-2015-5322

Related Vulnerabilities

WordPress Plugin Pricing Table by Supsystic Multiple Vulnerabilities (1.8.1)

WordPress Plugin Integration for Contact Form 7 and ActiveCampaign Cross-Site Scripting (1.0.3)

EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14350)

WordPress Plugin Lightweight Accordion Cross-Site Scripting (1.5.14)

ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-4753)

Severity

Medium

Classification

CVE-2015-5322 CWE-22

Tags

Missing Update Known Vulnerabilities