Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/CONFIGURE permission to bypass intended restrictions and create or destroy arbitrary jobs via unspecified vectors.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Jenkins | Jenkins | * | 1.565.2 (including) |