Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:10952
HistoryJan 15, 2019 - 8:54 a.m.

Cross-site Scripting (XSS)

2019-01-1508:54:38
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

JSON

jenkins is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists in the default markup formatter in Jenkins 1.523 allows remote attackers to inject arbitrary web script or HTML via the Description field in the user configuration.

References

Related

packetstorm 1
exploitpack 1
seebug 1
securityvulns 3
prion 1
ubuntucve 1
cve 1
exploitdb 1
nessus 2
freebsd 1
openvas 2
packetstorm
packetstorm
Jenkins CI 1.523 Persistent Script Insertion
2013-12-19 00:00:00
exploitpack
exploitpack
Jenkins 1.523 - Persistent HTML Code
2013-12-18 00:00:00
seebug
seebug
Jenkins 1.523 - Inject Persistent HTML Code
2014-07-01 00:00:00
securityvulns
securityvulns
[CVE-2013-5676] Plain Text Password In SonarQube Jenkins Plugin
2014-01-09 00:00:00
[CVE-2013-5573] Jenkins v1.523 Default markup formatter permits offsite-bound forms
2014-01-09 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2014-01-09 00:00:00
prion
prion
Cross site scripting
2013-12-31 16:04:00
ubuntucve
ubuntucve
CVE-2013-5573
2013-12-31 00:00:00
cve
cve
CVE-2013-5573
2013-12-31 16:04:00
exploitdb
exploitdb
Jenkins 1.523 - Persistent HTML Code
2013-12-18 00:00:00
nessus
nessus
FreeBSD : jenkins -- multiple vulnerabilities (3e0507c6-9614-11e3-b3a5-00e0814cab4e)
2014-02-17 00:00:00
Jenkins < 1.551 / 1.532.2 and Jenkins Enterprise 1.509.x / 1.532.x < 1.509.5.1 / 1.532.2.2 Multiple Vulnerabilities
2014-02-25 00:00:00
freebsd
freebsd
jenkins -- multiple vulnerabilities
2014-02-14 00:00:00
openvas
openvas
Jenkins Multiple Vulnerabilities (Feb 2014) - Windows
2015-12-21 00:00:00
Jenkins Multiple Vulnerabilities (Feb 2014) - Linux
2016-08-05 00:00:00

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

JSON
Related for VERACODE:10952
packetstorm1exploitpack1seebug1securityvulns3prion1ubuntucve1cve1exploitdb1nessus2freebsd1openvas2