Description
Cross-site scripting (XSS) vulnerability in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allows remote authenticated users with write permission to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb
http://osvdb.org/92982
https://exchange.xforce.ibmcloud.com/vulnerabilities/84004
Related Vulnerabilities
CVE-2020-2245 Vulnerability in maven package org.jenkins-ci.plugins:valgrind
CVE-2023-27603 Vulnerability in maven package org.apache.linkis:linkis-common
CVE-2019-1003097 Vulnerability in maven package com.ds.tools.hudson:crowd
CVE-2020-11971 Vulnerability in maven package org.apache.camel:camel-management
CVE-2016-8751 Vulnerability in maven package org.apache.ranger:ranger