Stapler Web Framework Vulnerability: Unauthorized Access to View Fragments in Jenkins
CVE-2019-10354 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
A vulnerability in the Stapler web framework used in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier allowed attackers to access view fragments directly, bypassing permission checks and possibly obtain sensitive information.
Learn more about our Web App Pen Testing.