Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3681)

Description

CVE-2014-3681 jenkins: cross-site scripting flaw in Jenkins core (SECURITY-143)

Remediation

References

Related Vulnerabilities

PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-5769)

Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2017-1000355)

SharePoint Authentication Bypass by Spoofing Vulnerability (CVE-2021-42320)

Atlassian Confluence CVE-2023-22503 Vulnerability (CVE-2023-22503)

WordPress Plugin MContact Button includes Backdoor [Only if downloaded via the vendor website] (2.0.6)

Severity

Medium

Classification

CVE-2014-3681 CWE-707

Tags

Missing Update Known Vulnerabilities