Description

Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code.

Remediation

References

CVE-2012-4438

Related Vulnerabilities

WordPress Plugin IMPress for IDX Broker Unspecified Vulnerability (2.5.11)

WordPress Plugin Google SEO Pressor for Rich snippets Cross-Site Scripting (1.2.6)

Plone CMS Resource Management Errors Vulnerability (CVE-2012-5506)

Apache Traffic Server CVE-2022-47184 Vulnerability (CVE-2022-47184)

OpenSSL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2019-1559)

Severity

High

Classification

CVE-2012-4438 CWE-20 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities