Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD622E14B1-B40C-11E2-8441-00E0814CAB4E
HistoryMay 02, 2013 - 12:00 a.m.

jenkins -- multiple vulnerabilities

2013-05-0200:00:00
vuxml.freebsd.org
9

0.003 Low

EPSS

Percentile

70.0%

JSON

Jenkins Security Advisory reports:

This advisory announces multiple security vulnerabilities that
were found in Jenkins core.

SECURITY-63 / CVE-2013-2034
This creates a cross-site request forgery (CSRF) vulnerability
on Jenkins master, where an anonymous attacker can trick an
administrator to execute arbitrary code on Jenkins master by
having him open a specifically crafted attack URL.
There’s also a related vulnerability where the permission
check on this ability is done imprecisely, which may affect
those who are running Jenkins instances with a custom
authorization strategy plugin.

SECURITY-67 / CVE-2013-2033
This creates a cross-site scripting (XSS) vulnerability, where
an attacker with a valid user account on Jenkins can execute
JavaScript in the browser of other users, if those users are
using certain browsers.

SECURITY-69 / CVE-2013-2034
This is another CSRF vulnerability that allows an attacker to
cause a deployment of binaries to Maven repositories. This
vulnerability has the same CVE ID as SEUCRITY-63.

SECURITY-71 / CVE-2013-1808
This creates a cross-site scripting (XSS) vulnerability.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchjenkins< 1.514UNKNOWN

Related

nessus 2
openvas 2
prion 5
ubuntucve 2
cve 5
osv 2
veracode 3
github 2
cvelist 5
wpvulndb 24
patchstack 1
packetstorm 1
zdt 1
securityvulns 3
wpexploit 1
debiancve 2
nessus
nessus
Jenkins < 1.514 / 1.509.1 and Jenkins Enterprise 1.466.x / 1.480.x < 1.466.14.1 / 1.480.4.1 Multiple Vulnerabilities
2013-06-14 00:00:00
FreeBSD : jenkins -- multiple vulnerabilities (622e14b1-b40c-11e2-8441-00e0814cab4e)
2013-05-04 00:00:00
openvas
openvas
Jenkins CSRF And XSS Vulnerabilities - Linux
2016-07-14 00:00:00
Jenkins CSRF And XSS Vulnerabilities - Windows
2016-07-14 00:00:00
prion
prion
Cross site scripting
2014-04-10 20:29:00
Cross site request forgery (csrf)
2014-05-14 19:55:00
Cross site scripting
2013-04-02 03:22:00
ubuntucve
ubuntucve
CVE-2013-2034
2014-05-14 00:00:00
CVE-2013-2033
2014-04-10 00:00:00
cve
cve
CVE-2013-2034
2014-05-14 19:55:00
CVE-2013-2033
2014-04-10 20:29:00
CVE-2013-1463
2013-02-07 05:56:00
osv
osv
Jenkins Cross-Site Request Forgery vulnerabilities
2022-05-17 03:51:00
Jenkins vulnerable to Cross-site Scripting
2022-05-14 01:52:20
veracode
veracode
Cross-Site Request Forgery (CSRF)
2019-05-02 04:45:31
Arbitrary Code Injection
2019-05-02 04:45:30
Cross-site Scripting (XSS)
2019-01-15 08:52:23
github
github
Jenkins Cross-Site Request Forgery vulnerabilities
2022-05-17 03:51:00
Jenkins vulnerable to Cross-site Scripting
2022-05-14 01:52:20
cvelist
cvelist
CVE-2013-2034
2014-05-14 19:00:00
CVE-2013-2033
2014-04-10 14:00:00
CVE-2013-1808
2013-03-28 17:00:00
wpvulndb
wpvulndb
geshi-source-colorer <= 0.13 - XSS in ZeroClipboard
2014-08-01 10:58:58
tiny-url <= 1.3.2 - XSS in ZeroClipboard
2014-08-01 10:58:58
wppygments <= 0.3.2 - XSS in ZeroClipboard
2014-08-01 10:58:58
patchstack
patchstack
WordPress ZeroClipboard Plugin <= 1.0.7 - XSS
2013-02-19 00:00:00
packetstorm
packetstorm
ZeroClipbord.swf Cross Site Scripting / Path Disclosure
2013-04-09 00:00:00
zdt
zdt
ZeroClipboard Wordpress plugin XSS / FPD Vulnerabilities
2013-04-11 00:00:00
securityvulns
securityvulns
XSS vulnerabilities in ZeroClipboard and multiple web applications
2013-05-06 00:00:00
XSS vulnerabilities in ZeroClipboard in multiple plugins for WordPress
2013-05-06 00:00:00
XSS and FPD vulnerabilities in ZeroClipboard in multiple themes for WordPress
2013-05-06 00:00:00
wpexploit
wpexploit
slidedeck2 < 2.1.20130313 - XSS in ZeroClipboard
2014-08-01 00:00:00
debiancve
debiancve
CVE-2013-1808
2013-04-02 03:23:00
CVE-2012-6550
2013-04-02 03:22:00

0.003 Low

EPSS

Percentile

70.0%

JSON
Related for 622E14B1-B40C-11E2-8441-00E0814CAB4E
nessus2openvas2prion5ubuntucve2cve5osv2veracode3github2cvelist5wpvulndb24patchstack1packetstorm1zdt1securityvulns3wpexploit1debiancve2