Description
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that points to Jenkins.
Remediation
References
Related Vulnerabilities
Microsoft SQL Server Other Vulnerability (CVE-2000-0402)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5321)
ownCloud CVE-2017-9340 Vulnerability (CVE-2017-9340)
WordPress Plugin Custom Content Type Manager Remote Code Execution (0.9.8.5)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-6131)