Description
Cross-site scripting (XSS) vulnerability in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allows remote authenticated users with write permission to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
http://osvdb.org/92982
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb
https://exchange.xforce.ibmcloud.com/vulnerabilities/84004
Related Vulnerabilities
CVE-2020-16042 Vulnerability in maven package org.webjars.npm:electron
CVE-2023-49620 Vulnerability in maven package org.apache.dolphinscheduler:dolphinscheduler-api
CVE-2015-3269 Vulnerability in maven package org.apache.flex.blazeds:flex-messaging-core
CVE-2023-42277 Vulnerability in maven package cn.hutool:hutool-json