Jenkins CSRF And XSS Vulnerabilities - Windows

Jenkins is prone to cross-site request forgery CSRF and cross- site scripting vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2013-2034

CVE-2013-2034 affects Jenkins and related Enterprise/LTS builds, enabling CSRF-based administrator session hijacking that can lead to arbitrary code execution or deployment of binaries to a Maven repository. Affected software includes Jenkins before 1.514, LTS before 1.509.1, Jenkins Enterprise 1...

PT-2014-2530 · Apache +1 · Maven +2

Name of the Vulnerable Software and Affected Versions: Jenkins versions prior to 1.514 Jenkins LTS versions prior to 1.509.1 Jenkins Enterprise 1.466.x versions prior to 1.466.14.1 Jenkins Enterprise 1.480.x versions prior to 1.480.4.1 Description: The issue allows remote attackers to hijack the...

PT-2014-2529 · Cloudbees +1 · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions prior to 1.514 Jenkins LTS versions prior to 1.509.1 Jenkins Enterprise 1.466.x versions prior to 1.466.14.1 Jenkins Enterprise 1.480.x versions prior to 1.480.4.1 Description: A cross-site scripting XSS issue allows remote...