CVE-2018-1000175
Severity
6.5MEDIUM
EPSS
0.3%
top 43.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 8
Latest updateMay 14
Description
A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6