Description

Cross-site scripting (XSS) vulnerability in the default markup formatter in Jenkins 1.523 allows remote attackers to inject arbitrary web script or HTML via the Description field in the user configuration.

Remediation

References

CVE-2013-5573

Related Vulnerabilities

WordPress Plugin Seriously Simple Podcasting Cross-Site Scripting (1.9.4)

Oracle JRE CVE-2014-2414 Vulnerability (CVE-2014-2414)

OpenSSL Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2022-1292)

WordPress Plugin kk Star Ratings Security Bypass (2.3.1)

WordPress Plugin SecureMoz Security Audit PHP Object Injection (1.0.5)

Severity

Medium

Classification

CVE-2013-5573 CWE-707

Tags

Missing Update Known Vulnerabilities