Vulners
Lucene search
| Reporter | Title | Published | Views | Family All 49 |
|---|---|---|---|---|
 | jenkins -- multiple vulnerabilities | 14 Feb 201400:00 | – | freebsd |
 | CVE-2013-5573 | 31 Dec 201316:04 | – | attackerkb |
 | CVE-2013-5573 | 31 Dec 201315:00 | – | cvelist |
 | Jenkins 1.523 - Persistent HTML Code | 18 Dec 201300:00 | – | exploitdb |
 | EUVD-2013-5413 | 7 Oct 202500:30 | – | euvd |
 | Jenkins 1.523 - Persistent HTML Code | 18 Dec 201300:00 | – | exploitpack |
 | FreeBSD : jenkins -- multiple vulnerabilities (3e0507c6-9614-11e3-b3a5-00e0814cab4e) | 17 Feb 201400:00 | – | nessus |
| Jenkins < 1.551 / 1.532.2 and Jenkins Enterprise 1.509.x / 1.532.x < 1.509.5.1 / 1.532.2.2 Multiple Vulnerabilities | 25 Feb 201400:00 | – | nessus |
 | Jenkins allows Cross-Site Scripting (XSS) in User Configuration | 17 May 202201:31 | – | github |
 | CVE-2013-5573 | 31 Dec 201316:04 | – | nvd |
10
| Source | Link |
|---|---|
| seclists | www.seclists.org/bugtraq/2013/Dec/104 |
| securityfocus | www.securityfocus.com/bid/64414 |
| exploit-db | www.exploit-db.com/exploits/30408 |
| seclists | www.seclists.org/fulldisclosure/2013/Dec/159 |
| osvdb | www.osvdb.org/101187 |
| packetstormsecurity | www.packetstormsecurity.com/files/124513 |
| exchange | www.exchange.xforce.ibmcloud.com/vulnerabilities/89872 |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| Descriotion | request body | /jenkins/user/attacker/configure | XSS via Description field in user configuration leading to injected HTML/JS executing when rendering user-related pages. | CWE-79 |
| Description | request body | /jenkins/user/attacker/configure | XSS via Description field in user configuration leading to injected HTML/JS executing when rendering user-related pages. | CWE-79 |
| description | request body | /jenkins/user/attacker/configure | XSS via Description field in user configuration leading to injected HTML/JS executing when rendering user-related pages. | CWE-79 |
| description field | request body | /jenkins/user/attacker/configure | XSS via Description field in user configuration leading to injected HTML/JS executing when rendering user-related pages. | CWE-79 |
| People List | nested | /jenkins/asynchPeople/ | XSS condition triggered when a victim views the People List and clicks on the attacker user, enabling persistent script delivery via crafted content. | CWE-79 |
| attacker user id | nested | /jenkins/asynchPeople/ | XSS condition triggered when a victim views the People List and clicks on the attacker user, enabling persistent script delivery via crafted content. | CWE-79 |
| description | nested | /jenkins/asynchPeople/ | XSS condition triggered when a victim views the People List and clicks on the attacker user, enabling persistent script delivery via crafted content. | CWE-79 |
| Descriotion | nested | /jenkins/asynchPeople/ | XSS condition triggered when a victim views the People List and clicks on the attacker user, enabling persistent script delivery via crafted content. | CWE-79 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
29 Apr 2026 01:13Current
7.7High risk
Vulners AI Score7.7
CVSS 24.3
EPSS0.01627