Jenkins Improper Input Validation Vulnerability - CVE-2018-1999002

A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier 2.121.1 and earlier in the Stapler web framework39s org/kohsuke/stapler/Stapler.java that allows attackers to send crafted HTTP requests returning the contents of any file on the Jenkins master file system that the Jenkins master has access to.