Description
jenkins before versions 2.44, 2.32.2 is vulnerable to an information disclosure vulnerability in search suggestions (SECURITY-385). The autocomplete feature on the search box discloses the names of the views in its suggestions, including the ones for which the current user does not have access to.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2012-0519 Vulnerability (CVE-2012-0519)
Moodle Incorrect Authorization Vulnerability (CVE-2022-0984)
WordPress Plugin Spider Calendar Cross-Site Scripting (1.1.0)
WordPress Plugin Google +1 by BestWebSoft Cross-Site Scripting (1.1.6)
WordPress Plugin Advanced Custom Fields (ACF) PHP Object Injection (6.0.7)