4 matches found
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +923 more potentially affected by CVE-2014-2065 via org.jenkins-ci.main:jenkins-core (>=1.396 <=1.532.1.JENKINS-19453)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =0.0.1, =0.9, =1.0, =1.0.0, =1.0, =1.0-beta-1, =2.1, =1.0, =1.1, =2.0.6 - com.cisco.step.jenkins.plugins:jenkow-parent =0.1 and more Source cves: CVE-2014-2065 Source advisory: OSV:GHSA-FXJ8-CQCP-3VGQ...
CVE-2014-2065
Cross-site scripting XSS vulnerability in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to inject arbitrary web script or HTML via the iconSize cookie...
CVE-2014-2065
Cross-site scripting XSS vulnerability in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to inject arbitrary web script or HTML via the iconSize cookie...
CVE-2014-2065
CVE-2014-2065 is a cross-site scripting (XSS) vulnerability in Jenkins where an attacker could inject arbitrary script via the iconSize cookie. Affected: Jenkins before 1.551 and LTS before 1.532.2. Root cause: improper handling of the iconSize cookie. Impact details are provided, but exploitatio...