CVE-2024-5273 — Jenkins Report Info Plugin 1.2 and earlier does not perform path validation of the workspace directory while serving report files, allowing attackers with Item/Configure permission to retrieve Surefir — CVE Database · The Intelligence Room