Description
A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master.
Remediation
References
https://jenkins.io/security/advisory/2018-04-16/
Related Vulnerabilities
CVE-2022-42466 Vulnerability in maven package org.apache.isis.core:isis-applib
CVE-2023-45134 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-templates
CVE-2019-10466 Vulnerability in maven package org.jenkins-ci.plugins.plugin:fireline
CVE-2022-37423 Vulnerability in maven package org.neo4j.procedure:apoc
CVE-2015-1814 Vulnerability in maven package org.jenkins-ci.main:jenkins-core