Description

Cross-site scripting (XSS) vulnerability in Jenkins Core in Jenkins before 1.438, and 1.409 LTS before 1.409.3 LTS, when a stand-alone container is used, allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages.

Remediation

References

CVE-2011-4344

Related Vulnerabilities

Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-38745)

WordPress Plugin WP-Recall-Registration, Profile, Commerce & More Cross-Site Scripting (16.24.47)

PHP Out-of-bounds Read Vulnerability (CVE-2015-2325)

Ruby Improper Input Validation Vulnerability (CVE-2008-3790)

WordPress 3.9.1 Multiple Vulnerabilities (3.9 - 3.9.1)

Severity

Low

Classification

CVE-2011-4344 CWE-707

Tags

Missing Update Known Vulnerabilities