WEB APPLICATION VULNERABILITIES Standard & Premium

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4344)

Description

Cross-site scripting (XSS) vulnerability in Jenkins Core in Jenkins before 1.438, and 1.409 LTS before 1.409.3 LTS, when a stand-alone container is used, allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages.

Remediation

References

Related Vulnerabilities

WordPress Plugin Management App for WooCommerce-Order notifications, Order management, Lead management, Uptime Monitoring Unspecified Vulnerability (1.2.3)

WordPress Plugin Testimonial Multiple Vulnerabilities (2.2)

WordPress Plugin WP Business Directory Cross-Site Scripting (1.0.5)

WordPress Plugin WP Live Chat Support Pro Arbitrary File Upload (8.0.06)

WordPress Plugin Post Logo Cross-Site Scripting (1.1b)

Severity

Low

Classification

CVE-2011-4344 CWE-707

Tags

Missing Update Known Vulnerabilities