Description
Cross-site scripting (XSS) vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to workspaces and archived artifacts.
Remediation
References
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09
Related Vulnerabilities
CVE-2019-17513 Vulnerability in maven package io.ratpack:ratpack-core
CVE-2023-50730 Vulnerability in maven package edu.gemini:gsp-graphql-core_native0.4_3
CVE-2019-13416 Vulnerability in maven package com.floragunn:search-guard-6
CVE-2016-4432 Vulnerability in maven package org.apache.qpid:qpid-broker-plugins-amqp-0-10-protocol