Description
FilePath#listFiles lists files outside directories that agents are allowed to access when following symbolic links in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.
Remediation
References
Related Vulnerabilities
IBM WebSEAL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-4699)
WordPress Plugin Video Embed SQL Injection (1.0)
WordPress Plugin Visitor Traffic Real Time Statistics Unspecified Vulnerability (4.2)
Undertow CVE-2022-1259 Vulnerability (CVE-2022-1259)
WordPress Plugin WP Hotel Booking Cross-Site Request Forgery (1.10.1)