Description
Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents of any build directory stored in Jenkins with very few restrictions.
Remediation
References
Related Vulnerabilities
MySQL CVE-2020-2925 Vulnerability (CVE-2020-2925)
WordPress Plugin My Calendar Cross-Site Scripting (3.1.9)
WordPress Plugin Open Graph for Facebook, Google+ and Twitter Card Tags Cross-Site Scripting (2.2.4)
WordPress Plugin Easy Event calendar Cross-Site Scripting (1.0)
Moodle Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-14322)