Description
Agent processes are able to completely bypass file path filtering by wrapping the file operation in an agent file path in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.
Remediation
References
https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455