Veracode Vulnerability DatabaseVERACODE:14791Cross-site Scripting (XSS)
EPSS
Percentile
56.9%
jenkins is vulnerable to cross-site scripting (XSS). The vulnerability exists through iconSize cookie.
References
www.openwall.com/lists/oss-security/2014/02/21/2
www.openwall.com/lists/oss-security/2014/02/21/2
access.redhat.com/security/cve/CVE-2013-5573
access.redhat.com/security/cve/CVE-2013-6372
access.redhat.com/security/cve/CVE-2013-7330
access.redhat.com/security/cve/CVE-2014-2059
access.redhat.com/security/cve/CVE-2014-2060
access.redhat.com/security/cve/CVE-2014-2061
access.redhat.com/security/cve/CVE-2014-2062
access.redhat.com/security/cve/CVE-2014-2063
access.redhat.com/security/cve/CVE-2014-2064
access.redhat.com/security/cve/CVE-2014-2065
access.redhat.com/security/cve/CVE-2014-2066
access.redhat.com/security/cve/CVE-2014-2067
access.redhat.com/security/cve/CVE-2014-2068
access.redhat.com/security/cve/CVE-2014-3661
access.redhat.com/security/cve/CVE-2014-3662
access.redhat.com/security/cve/CVE-2014-3663
access.redhat.com/security/cve/CVE-2014-3664
access.redhat.com/security/cve/CVE-2014-3665
access.redhat.com/security/cve/CVE-2014-3666
access.redhat.com/security/cve/CVE-2014-3667
access.redhat.com/security/cve/CVE-2014-3678
access.redhat.com/security/cve/CVE-2014-3681
bugzilla.redhat.com/show_bug.cgi?id=1127667
github.com/jenkinsci/jenkins/commit/a0b00508eeb74d7033dc4100eb382df4e8fa72e7
github.com/jenkinsci/jenkins/commit/a0b00508eeb74d7033dc4100eb382df4e8fa72e7
rhn.redhat.com/errata/RHBA-2014-1630.html
wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
Related
