Lucene search
HistoryApr 10, 2014 - 8:29 p.m.
CVE-2013-2033
CVSS2
2.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:S/C:N/I:P/A:N
AI Score
5.1
Confidence
High
EPSS
0.001
Percentile
37.3%
Cross-site scripting (XSS) vulnerability in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allows remote authenticated users with write permission to inject arbitrary web script or HTML via unspecified vectors.
Affected configurations
Node
jenkinsjenkinsRange<1.509.1lts
ORjenkinsjenkinsRange<1.514
Node
cloudbeesjenkinsRange1.466–1.466.14.1enterprise
ORcloudbeesjenkinsRange1.480–1.480.4.1enterprise
Related
prion
prion
Cross site scripting
2014-04-10 20:29:00
ubuntucve
ubuntucve
CVE-2013-2033
2014-04-10 00:00:00
github
github
Jenkins vulnerable to Cross-site Scripting
2022-05-14 01:52:20
osv
osv
Jenkins vulnerable to Cross-site Scripting
2022-05-14 01:52:20
cvelist
cvelist
CVE-2013-2033
2014-04-10 14:00:00
cve
cve
CVE-2013-2033
2014-04-10 20:29:20
veracode
veracode
Arbitrary Code Injection
2019-05-02 04:45:30
nessus
nessus
openvas
openvas
Jenkins CSRF And XSS Vulnerabilities - Linux
2016-07-14 00:00:00
Jenkins CSRF And XSS Vulnerabilities - Windows
2016-07-14 00:00:00
freebsd
freebsd
jenkins -- multiple vulnerabilities
2013-05-02 00:00:00
CVSS2
2.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:S/C:N/I:P/A:N
AI Score
5.1
Confidence
High
EPSS
0.001
Percentile
37.3%
Related for NVD:CVE-2013-2033