CVE-2013-6373 Information

Description

The Exclusion plugin before 0.9 for Jenkins does not properly prevent access to resource locks which allows remote authenticated users to list and release resources via unspecified vectors.

Reference

https://wiki.jenkins-ci.org/display/JENKINS/Exclusion-Plugin https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-11-20