Description
Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.5.1 for Jenkins allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
http://osvdb.org/100106
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-11-20
http://secunia.com/advisories/55783
https://wiki.jenkins-ci.org/display/JENKINS/Build+Failure+Analyzer
Related Vulnerabilities
CVE-2023-31206 Vulnerability in maven package org.apache.inlong:manager-service
CVE-2016-8739 Vulnerability in maven package org.apache.cxf:cxf-rt-rs-extension-providers
CVE-2020-10203 Vulnerability in maven package org.sonatype.nexus:nexus-core
CVE-2016-9879 Vulnerability in maven package org.springframework.security:spring-security-web