CVE-2022-28148 log

Source
Severity Medium
Remote Yes
Type Arbitrary filesystem access
Description
The file browser in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Item/Read permission to obtain the contents of arbitrary files on Windows controllers.
Group Package Affected Fixed Severity Status Ticket
AVG-2678 jenkins 0.0.0-1 High Not affected
References
https://www.openwall.com/lists/oss-security/2022/03/29/1
https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2654
Notes
didn't see this was windows only when dumping these, delete?