Description
Jenkins 2.314 and earlier, LTS 2.303.1 and earlier accepts names of jobs and other entities with a trailing dot character, potentially replacing the configuration and data of other entities on Windows.
Remediation
References
Related Vulnerabilities
WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Cross-Site Request Forgery (2.2)
WordPress Plugin Import and export users and customers Multiple Vulnerabilities (1.9.4.6)
Drupal Improper Input Validation Vulnerability (CVE-2010-2473)
Oracle Database Server Improper Input Validation Vulnerability (CVE-2020-1953)