Description

Cross-site scripting (XSS) vulnerability in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allows remote authenticated users with write permission to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2013-2033

Related Vulnerabilities

WordPress Plugin Redirection Page Multiple Vulnerabilities (1.2)

Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2023-33950)

WordPress Plugin Spreadsheet (wpSS) 'ss_id' Parameter SQL Injection (0.61)

WordPress Plugin OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) Supply Chain Attack [Polyfill.io] (1.1.2)

IBM RTC Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2020-4544)

Severity

Low

Classification

CVE-2013-2033 CWE-707

Tags

Missing Update Known Vulnerabilities