Public Jenkins instance with /script enabled
Critical
I
IBM
Submitted None
Team Summary
Official summary from IBM
An RCE/LFI due to Public Jenkins instance with /script enabled was reported to IBM February 26th, analyzed and has been remediated since March 3rd, 2022. Thank you to Sanjok Karki (thesanjok) for the finding.
Actions:
Reported by
thesanjok
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Improper Access Control - Generic