Description
Jenkins before 1.587 and LTS before 1.580.1 do not properly ensure trust separation between a master and slaves, which might allow remote attackers to execute arbitrary code on the master by leveraging access to the slave.
Remediation
References
Related Vulnerabilities
WordPress Plugin WooCommerce Unspecified Vulnerability (4.2.0)
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-40316)
WordPress Plugin Related Posts for WordPress Cross-Site Scripting (1.8.1)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4301)