Description
BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to bypass access restrictions and execute arbitrary jobs by configuring a job to trigger another job. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7330.
Remediation
References
Related Vulnerabilities
WordPress Plugin Indieweb Post Kinds Cross-Site Scripting (1.3.1)
MongoDb Improper Input Validation Vulnerability (CVE-2013-1892)
WebLogic CVE-2017-3531 Vulnerability (CVE-2017-3531)
XWiki Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-48240)
IBM WebSEAL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2019-4156)