Description

Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0324.

Remediation

References

CVE-2012-0325

Related Vulnerabilities

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0165)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-2353)

XWiki Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2022-24819)

WordPress Plugin Rockhoist Badges Cross-Site Scripting (1.2.2)

MySQL CVE-2023-21976 Vulnerability (CVE-2023-21976)

Severity

Medium

Classification

CVE-2012-0325 CWE-707

Tags

Missing Update Known Vulnerabilities