Cross site scripting

2019-11-1821:15:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.9%

JSON

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that points to Jenkins.

CPENameOperatorVersion
jenkinslt1.466.2
jenkinslt1.482

CPE	Name	Operator	Version
	jenkins	lt	1.466.2
	jenkins	lt	1.482

References

www.openwall.com/lists/oss-security/2012/09/21/2

bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4439

security-tracker.debian.org/tracker/CVE-2012-4439

www.cloudbees.com/jenkins-security-advisory-2012-09-17