Cross-site scripting (XSS) vulnerability in the default markup formatter in Jenkins 1.523 allows remote attackers to inject arbitrary web script or HTML via the Description field in the user configuration.
References
Configurations
History
No history.
Information
Published : 2013-12-31 16:04
Updated : 2024-02-28 12:00
NVD link : CVE-2013-5573
Mitre link : CVE-2013-5573
CVE.ORG link : CVE-2013-5573
JSON object : View
Products Affected
jenkins
- jenkins
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')