Description

CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Remediation

References

CVE-2016-0789

Related Vulnerabilities

WordPress Plugin Import all XML, CSV & TXT into WordPress Server-Side Request Forgery (6.5.2)

WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.3)

phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-2041)

WordPress Plugin Custom css-js-php Unspecified Vulnerability (2.0.2)

WordPress Plugin Easy Testimonial Slider Unspecified Vulnerability (1.0.2)

Severity

Medium

Classification

CVE-2016-0789 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities