Description
Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1812.
Remediation
References
Related Vulnerabilities
WordPress Plugin WooCommerce Upload Files Arbitrary File Upload (59.3)
WordPress Plugin iThemes Security (formerly Better WP Security) Unspecified Vulnerability (6.9.0)
Apache HTTP Server Use After Free Vulnerability (CVE-2017-9798)
WordPress Plugin Comment Highlighter SQL Injection (0.13)
PostgreSQL Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-1115)