Description
A vulnerability in the Stapler web framework used in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier allowed attackers to access view fragments directly, bypassing permission checks and possibly obtain sensitive information.
Remediation
References
Related Vulnerabilities
Apache Tomcat version older than 7.0.30
WordPress Plugin Revamp CRM for WooCommerce Local File Inclusion (1.0.3)
WordPress Plugin WordPress Photo Gallery by Gallery Bank Unspecified Vulnerability (3.1.26)
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Directory Traversal (1.3.33)
WordPress Plugin WP Attachment Export Arbitrary File Download (0.2.3)