Description

The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request.

Remediation

References

CVE-2015-5317

Related Vulnerabilities

WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner 'config' Parameter Local File Inclusion (3.0.3)

WordPress Plugin NextCellent Gallery-NextGEN Legacy Cross-Site Scripting (1.9.17)

JBoss Application Server Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-3609)

WordPress Plugin My Calendar Cross-Site Scripting (2.4.18)

WordPress Plugin YITH Maintenance Mode Multiple Cross-Site Scripting Vulnerabilities (1.3.8)

Severity

Medium

Classification

CVE-2015-5317 CWE-200

Tags

Missing Update Known Vulnerabilities