Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. Jenkins Pipeline Multibranch Plugin 706.vd43c65dec013 and earlier versions contain an arbitrary file reading vulnerability that stems from the Multibranch plugin using the readTrusted step to read a file, using a symbolic link to a location outside of the detected directory where SCM is configured. An attacker could configure pipeline privileges to read arbitrary files on the Jenkins controller filesystem.