PT-2025-28903 · Jenkins · Jenkins Html Publisher Plugin+1
Kyler Katz
·
Published
2025-07-09
·
Updated
2025-07-18
·
CVE-2025-53651
CVSS v2.0
6.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Jenkins HTML Publisher Plugin versions prior to 426
Description:
The Jenkins HTML Publisher Plugin versions prior to 426 displays log messages that include the absolute paths of files archived during the Publish HTML reports post-build step, potentially exposing information about the Jenkins controller file system in the build log.
Recommendations:
Upgrade to Jenkins HTML Publisher Plugin version 426 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Jenkins
Jenkins Html Publisher Plugin