Jenkins Matrix Project Plugin 822.v01b_8c85d16d2 and earlier does not sanitize user-defined axis names of multi-configuration projects, allowing attackers with Item/Configure permission to create or replace any config.xml files on the Jenkins controller file system with content not controllable by the attackers.
[
{
"vendor": "Jenkins Project",
"product": "Jenkins Matrix Project Plugin",
"versions": [
{
"version": "0",
"versionType": "maven",
"lessThanOrEqual": "822.v01b_8c85d16d2",
"status": "affected"
}
],
"defaultStatus": "unaffected"
}
]