Description
Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to queue/api.
Remediation
References
Related Vulnerabilities
Joomla! Core 3.x.x Security Bypass (3.2.0 - 3.9.24)
Artifactory Incorrect Authorization Vulnerability (CVE-2021-45730)
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-3554)
Internet Information Services Other Vulnerability (CVE-2001-0337)
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9268)