Description

Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0324.

Remediation

References

CVE-2012-0325

Related Vulnerabilities

IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1606)

WordPress Plugin WP Accurate Form Data Multiple Vulnerabilities (1.2)

GlassFish Improper Input Validation Vulnerability (CVE-2011-5035)

WordPress Plugin Under Construction, Coming Soon & Maintenance Mode Multiple Vulnerabilities (1.1.1)

WordPress Plugin WooCommerce Cross-Site Scripting (2.6.3)

Severity

Medium

Classification

CVE-2012-0325 CWE-707

Tags

Missing Update Known Vulnerabilities