Description
The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages.
Remediation
References
Related Vulnerabilities
WordPress 4.5.x Cross-Domain Flash Injection Vulnerability (4.5 - 4.5.12)
WordPress Plugin Product Catalog Multiple Vulnerabilities (4.2.11)
Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-13067)
osCommerce Other Vulnerability (CVE-2006-5190)
WordPress Plugin All 404 Redirect to Homepage Cross-Site Scripting (1.20)