CVE-2012-4439

2019-11-1820:56:45

redhat

www.cve.org

6.3 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.9%

JSON

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that points to Jenkins.

CNA Affected

[
  {
    "product": "jenkins",
    "vendor": "jenkins",
    "versions": [
      {
        "status": "affected",
        "version": "1.447.2"
      }
    ]
  }
]