Medium severity4.3NVD Advisory· Published May 16, 2023· Updated Jun 17, 2026
CVE-2023-32985
CVE-2023-32985
Description
Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.plugins:sidebar-linkMaven | < 2.2.2 | 2.2.2 |
Affected products
2- Range: 0
Patches
Vulnerability mechanics
References
4News mentions
1- Jenkins Security Advisory 2023-05-16Jenkins Security Advisories · May 16, 2023