The host is installed with Jenkins LTS through 2.375.3 or Jenkins rolling through 2.329 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle issues in unspecified vectors. On successful exploitation, application shows temporary directories when viewing job workspaces, which allows attackers with Item/Workspace permission to access their contents.