Description

Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0324.

Remediation

References

CVE-2012-0325

Related Vulnerabilities

WordPress Plugin Flickrpress PHP Object Injection (1.0.2)

WordPress Plugin MailCWP Arbitrary File Upload (1.99)

WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Cross-Site Scripting (2.9.15)

WordPress Plugin Dropdown Menu Widget Cross-Site Request Forgery (1.9.1)

MySQL CVE-2020-14794 Vulnerability (CVE-2020-14794)

Severity

Medium

Classification

CVE-2012-0325 CWE-707

Tags

Missing Update Known Vulnerabilities