CVE-2013-2033

Cross-site scripting (XSS) vulnerability in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allows remote authenticated users with write permission to inject arbitrary web script or HTML via unspecified vectors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:cloudbees:jenkins:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:cloudbees:jenkins:*:*:*:*:enterprise:*:*:*

History

No history.

Information

Published : 2014-04-10 20:29

Updated : 2024-02-28 12:20


NVD link : CVE-2013-2033

Mitre link : CVE-2013-2033

CVE.ORG link : CVE-2013-2033


JSON object : View

Products Affected

jenkins

  • jenkins

cloudbees

  • jenkins
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')