Description
In Jenkins before versions 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in future builds possibly failing to download a JDK.
Remediation
References
Related Vulnerabilities
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-32068)
PHP Numeric Errors Vulnerability (CVE-2016-4070)
WordPress Plugin Premmerce Product Filter for WooCommerce Security Bypass (3.1.2)
WordPress Plugin Poll Maker SQL Injection (3.4.1)
WordPress Plugin ImageLinks Interactive Image Builder for WordPress Cross-Site Scripting (1.5.2)