Description
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows attackers with permission to create or configure various objects to inject crafted content into Old Data Monitor that results in the instantiation of potentially unsafe objects once discarded by an administrator.
Remediation
References
Related Vulnerabilities
WordPress Plugin YITH WooCommerce Authorize.net Payment Gateway Security Bypass (1.1.12)
WordPress Plugin SAML SP Single Sign On-SSO login Cross-Site Scripting (4.8.72)
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Unspecified Vulnerability (5.1.2)
WordPress Plugin 10Web Map Builder for Google Maps Security Bypass (1.0.63)
WordPress Plugin Simple Banner Cross-Site Scripting (2.10.3)