Description
A stored cross-site scripting vulnerability in Jenkins 2.191 and earlier, LTS 2.176.2 and earlier allowed attackers with Overall/Administer permission to configure the update site URL to inject arbitrary HTML and JavaScript in update center web pages.
Remediation
References
Related Vulnerabilities
Apache Tomcat version older than 6.0.18
WordPress Other Vulnerability (CVE-2006-2667)
WordPress Plugin BulletProof Security Multiple Cross-Site Scripting Vulnerabilities (.48.9)
MySQL CVE-2021-35591 Vulnerability (CVE-2021-35591)
WordPress Plugin WooCommerce Social Login Privilege Escalation (2.7.3)