Description
Agent processes are able to completely bypass file path filtering by wrapping the file operation in an agent file path in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.
Remediation
References
Related Vulnerabilities
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.19)
WordPress Plugin Thrive Dashboard Security Bypass (2.3.9.2)
Liferay DXP CVE-2021-33330 Vulnerability (CVE-2021-33330)
Django Improper Input Validation Vulnerability (CVE-2010-4535)
WordPress Plugin PowerPack Lite for Beaver Builder Local File Inclusion (1.3.0.3)