Cross-site scripting (XSS) vulnerability in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to inject arbitrary web script or HTML via the iconSize cookie.
References
Configurations
History
No history.
Information
Published : 2014-10-17 15:55
Updated : 2024-02-28 12:20
NVD link : CVE-2014-2065
Mitre link : CVE-2014-2065
CVE.ORG link : CVE-2014-2065
JSON object : View
Products Affected
jenkins
- jenkins
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')