Description

CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Remediation

References

CVE-2016-0789

Related Vulnerabilities

WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Security Bypass (7.6.0)

WordPress Plugin Visualizer:Tables and Charts Manager for WordPress Security Bypass (3.10.15)

XOOPS Other Vulnerability (CVE-2005-3680)

WordPress Plugin moreAds SE Open Redirect (1.4.8)

ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0307)

Severity

Medium

Classification

CVE-2016-0789 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities