Description
Cross-site scripting (XSS) vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to workspaces and archived artifacts.
Remediation
References
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09
Related Vulnerabilities
CVE-2023-50728 Vulnerability in npm package probot
CVE-2018-11775 Vulnerability in maven package org.apache.activemq:activemq-client
CVE-2019-10279 Vulnerability in maven package org.jenkins-ci.plugins:jenkins-reviewbot
CVE-2018-16115 Vulnerability in maven package com.typesafe.akka:akka-actor_2.11
CVE-2022-34783 Vulnerability in maven package org.jenkins-ci.plugins:plot