A vulnerability was found in FitNesse Plugin 1.36 on Jenkins and classified as critical . The affected element is an unknown function of the file config.xml of the component Controller File System Handler . Executing a manipulation can lead to permission issues. This vulnerability appears as CVE-2026-57302 . The attack may be performed from remote. There is no available exploit.