Description
A vulnerability in the Stapler web framework used in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier allowed attackers to access view fragments directly, bypassing permission checks and possibly obtain sensitive information.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Inimat Cross-Site Scripting (1.0)
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Remote Code Execution (5.0.0)
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (2.6.2)
XWikiplatform Missing Authorization Vulnerability (CVE-2024-37898)
WordPress Plugin InfiniteWP Client Security Bypass (1.9.4.4)