Vulnerability in Jenkins Project Sidebar Link Plugin
CVE-2023-32985
Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on th…
EPSS: 0.724 (99.4th percentile) — read the EPSS interpretation.
Affected products
- Jenkins Project Sidebar Link Plugin — versions 0
References
- Jenkins Security Advisory 2023-05-16 (vendor-advisory)