CNVD (China National Vulnerability Database): CNVD-2022-49798
History: Jun 24, 2022 - 12:00 a.m.

Jenkins Embeddable Build Status Plugin Authorization Issue Vulnerability

2022-06-24 00:00:00
China National Vulnerability Database
www.cnvd.org.cn

Jenkins and Jenkins Plugin are both open source Jenkins products; each is an application. Jenkins Embeddable Build Status Plugin 2.0.3 and earlier is affected by an authorization issue vulnerability. The vulnerability stems from a failure to properly perform the ViewStatus permission check in the HTTP endpoint the plugin provides for “unprotected” status badge access, which could be exploited to obtain the build status badge icon for any given job or build.