Description

CRLF injection vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Remediation

References

CVE-2012-6072

Related Vulnerabilities

WordPress Plugin Request a Quote Cross-Site Scripting (2.3.3)

Oracle Database Server CVE-2009-1020 Vulnerability (CVE-2009-1020)

WordPress Plugin Media File Renamer-Auto & Manual Rename Cross-Site Scripting (1.7.0)

Elgg URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11016)

Oracle JRE CVE-2022-21426 Vulnerability (CVE-2022-21426)

Severity

Medium

Classification

CVE-2012-6072 CWE-20

Tags

Missing Update Known Vulnerabilities