Description
BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to bypass access restrictions and execute arbitrary jobs by configuring a job to trigger another job. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7330.
Remediation
References
Related Vulnerabilities
OpenSSL Numeric Errors Vulnerability (CVE-2012-2333)
Drupal Core 8.5.x Cross-Site Scripting (8.5.0 - 8.5.1)
WordPress Plugin CP Contact Form with PayPal Cross-Site Scripting (1.2.97)
MySQL CVE-2023-22056 Vulnerability (CVE-2023-22056)
WordPress Plugin Insert Html Snippet Cross-Site Request Forgery (1.2)