Description
A path traversal vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in FilePath.java, SoloFilePathFilter.java that allows malicious agents to read and write arbitrary files on the Jenkins master, bypassing the agent-to-master security subsystem protection.
Remediation
References
Related Vulnerabilities
WordPress Plugin Real Estate Website Builder 'ajax_action' Parameter Cross-Site Scripting (0.1.0)
WordPress Plugin WP Server Log Viewer Cross-Site Scripting (1.0)
Joomla! Core Cross-Site Scripting (1.5.0 - 3.8.3)
Oracle Database Server CVE-2011-0799 Vulnerability (CVE-2011-0799)
WordPress Plugin SendPress Newsletters Unspecified Vulnerability (1.7.6.11)