Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Jenkins MathWorks Polyspace Plugin 1.0.5 and earlier allows attackers with Item/Configure permission to send emails with arbitrary files from the Jenkins controller file systems.