Arbitrary File Read Vulnerability in Jenkins WildFly Deployer Plugin

CVE-2022-41235 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Jenkins WildFly Deployer Plugin 1.0.2 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system.

Learn more about our Web Application Penetration Testing UK.