Description
Cross-site scripting (XSS) vulnerability in java/hudson/model/Cause.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to inject arbitrary web script or HTML via a "remote cause note."
Remediation
References
Related Vulnerabilities
WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.8)
Jboss EAP CVE-2016-6796 Vulnerability (CVE-2016-6796)
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.10)
Oracle Database Server CVE-2018-2680 Vulnerability (CVE-2018-2680)
Python Files or Directories Accessible to External Parties Vulnerability (CVE-2019-13404)