WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2013-2033 Vulnerability in maven package org.jenkins-ci.main:jenkins-core

Description

Cross-site scripting (XSS) vulnerability in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allows remote authenticated users with write permission to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

http://osvdb.org/92982

http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb

https://exchange.xforce.ibmcloud.com/vulnerabilities/84004

Related Vulnerabilities

CVE-2022-24697 Vulnerability in maven package org.apache.kylin:kylin-core-common

CVE-2016-3674 Vulnerability in maven package org.jbehave:jbehave-core

CVE-2023-31062 Vulnerability in maven package org.apache.inlong:manager-pojo

CVE-2018-1000191 Vulnerability in maven package com.blackducksoftware.integration:blackduck-detect

CVE-2015-0254 Vulnerability in maven package taglibs:standard

Severity

Critical

Classification

CWE-79

Tags

Broken Link Vendor Advisory VDB Entry