Description
Cross-site scripting (XSS) vulnerability in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allows remote authenticated users with write permission to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
http://osvdb.org/92982
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb
https://exchange.xforce.ibmcloud.com/vulnerabilities/84004
Related Vulnerabilities
CVE-2022-24697 Vulnerability in maven package org.apache.kylin:kylin-core-common
CVE-2016-3674 Vulnerability in maven package org.jbehave:jbehave-core
CVE-2023-31062 Vulnerability in maven package org.apache.inlong:manager-pojo
CVE-2018-1000191 Vulnerability in maven package com.blackducksoftware.integration:blackduck-detect
CVE-2015-0254 Vulnerability in maven package taglibs:standard