Description
A path traversal vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in FilePath.java, SoloFilePathFilter.java that allows malicious agents to read and write arbitrary files on the Jenkins master, bypassing the agent-to-master security subsystem protection.
Remediation
References
Related Vulnerabilities
SharePoint CVE-2023-33134 Vulnerability (CVE-2023-33134)
phpMyFAQ Sensitive Cookie in HTTPS Session Without 'Secure' Attribute Vulnerability (CVE-2023-5866)
WordPress Plugin Facebook Members Cross-Site Scripting (7.0)
WordPress 4.5.3 Directory Traversal Vulnerability (4.5.3)
WordPress Plugin Favicon by RealFaviconGenerator Unspecified Vulnerability (1.2.13)