Jenkins CLI HTTP Java Deserialization
Posted on 17 May 2018
This Metasploit module exploits a vulnerability in Jenkins. An unsafe deserialization bug exists on the Jenkins, which allows remote arbitrary code execution via HTTP. Authentication is not required to exploit this vulnerability.