CVE-2023-27902
maven/org.jenkins-ci.main/jenkins-core
Improper Access Control
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents.
All versions after 2.375.4 before 2.394
Upgrade to version 2.394 or above.
2023-03-17
source |