Unrestricted File Name Lookup Vulnerability in Jenkins Subversion Plugin

Unrestricted File Name Lookup Vulnerability in Jenkins Subversion Plugin

CVE-2021-21698 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Jenkins Subversion Plugin 2.15.0 and earlier does not restrict the name of a file when looking up a subversion key file on the controller from an agent.

Learn more about our Web Application Penetration Testing UK.