Description
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows attackers with permission to create or configure various objects to inject crafted content into Old Data Monitor that results in the instantiation of potentially unsafe objects once discarded by an administrator.
Remediation
References
Related Vulnerabilities
Joomla Incorrect Authorization Vulnerability (CVE-2023-23751)
MongoDb Improper Input Validation Vulnerability (CVE-2020-7925)
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.18)
MySQL CVE-2023-22068 Vulnerability (CVE-2023-22068)
WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Scripting (7.3)