Sandbox Bypass Vulnerability in Jenkins ontrack Plugin 3.4 and Earlier

CVE-2019-10306 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

A sandbox bypass vulnerability in Jenkins ontrack Plugin 3.4 and earlier allowed attackers with control over ontrack DSL definitions to execute arbitrary code on the Jenkins master JVM.

Learn more about our Web Application Penetration Testing UK.