Arbitrary Code Execution Vulnerability in Jenkins Main and LTS Versions

CVE-2012-4438 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code.

Learn more about our Web Application Penetration Testing UK.