Jenkins 2.335 through 2.355 (both inclusive) allows attackers in some cases to bypass a protection mechanism, thereby directly accessing some view fragments containing sensitive information, bypassing any permission checks in the corresponding view. (CVSS:5.0) (Last Update:2022-10-20) Latest security vulnerabilities (Bypass) (CVSS score >= 4)
Enhancing Vulnerability Prioritization: Data-Driven Exploit Predictions With Community Driven Insights
In this paper, the authors present the efforts behind building a Special Interest Group (SIG) that seeks to develop a completely data-driven exploit scoring system