Jenkins Security Advisory 2012-09-17
The first vulnerability in Jenkins core allows unprivileged users to insert
data into Jenkins master, which can lead to remote code execution. For this
vulnerability to be exploited, the attacker must have an HTTP access to a
Jenkins master, and he must have a read access to Jenkins.
The following versions incorporate fixes to the vulnerabilities found in the
-Main line users should upgrade to Jenkins 1.482
-LTS users should upgrade to 1.466.2