Description
Cross-site scripting (XSS) vulnerability in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to inject arbitrary web script or HTML via the iconSize cookie.
Remediation
References
Related Vulnerabilities
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-23181)
WordPress Plugin BePro Listings Arbitrary File Upload (2.2.0020)
Restlet Framework XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2013-4221)
Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2020-0618)