A data modification vulnerability exists in Jenkins 2.153 and previous versions, LTS 2.138.3 and previous versions in User.java, IdStrategy.java that allows malicious users to submit crafted user names that can cause an improper migration of user record storage formats, potentially preventing the victim from logging into Jenkins.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins jenkins |
||
redhat openshift container platform 3.11 |