CVE Published: 27/11/2024 |
CVE Updated: 27/11/2024 |
CVE Year: 2024 Source: jenkins |
Vendor: Jenkins Project |
Product: Jenkins Filesystem List Parameter Plugin Status : PUBLISHED
CVE-2024-54004 Description
Jenkins Filesystem List Parameter Plugin 0.0.14 and earlier does not restrict the path used for the File system objects list Parameter, allowing attackers with Item/Configure permission to enumerate file names on the Jenkins controller file system.