The host is installed with Jenkins LTS before 1.642.2 or Jenkins rolling release before 1.650 and is prone to a CLRF injection vulnerability. A flaw is present in the application, which fails to properly handle an issue in CLI command documentation. Successful exploitation could allow attackers to inject arbitrary http headers and conduct http response splitting attacks via unspecified vectors.