Description

Jenkins is an award-winning application that monitors executions of repeated jobs, such as building a software project or jobs run by cron.

By accessing the endpoint /asynchPeople it was possible to get list of the Jenkins users.

Remediation

It's recommended to restrict access to this endpoint.

References

Related Vulnerabilities