Description
The combination filter Groovy script in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with job configuration permission to gain privileges and execute arbitrary code on the master via unspecified vectors.
Remediation
References
Related Vulnerabilities
Apache Tomcat Other Vulnerability (CVE-2002-2007)
Drupal Incorrect Authorization Vulnerability (CVE-2022-25270)
Drupal Core Security Bypass (8.0.0 - 9.2.21)
MediaWiki Improper Access Control Vulnerability (CVE-2016-6331)
WordPress Plugin Asset CleanUp:Page Speed Booster Multiple Vulnerabilities (1.3.6.6)