Description
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
Remediation
References
Related Vulnerabilities
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-43950)
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2024-38024)
WordPress Plugin Customize Feeds for Twitter Cross-Site Request Forgery (1.8.8)
WordPress Plugin bbPress Move Topics PHP Object Injection (1.1.4)
WordPress Plugin Responsive Owl Carousel for Elementor Local File Inclusion (1.2.0)