Sandbox Bypass Vulnerability in Jenkins ontrack Plugin 3.4 and Earlier
CVE-2019-10306 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
A sandbox bypass vulnerability in Jenkins ontrack Plugin 3.4 and earlier allowed attackers with control over ontrack DSL definitions to execute arbitrary code on the Jenkins master JVM.
Learn more about our Web Application Penetration Testing UK.