Jenkins: >> Jenkins >> 1.523 Security Vulnerabilities
Directory traversal vulnerability in the CLI job creation (hudson/cli/CreateJobCommand.java) in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to overwrite arbitrary files via the job name.
CVSS Score
6.5
EPSS Score
0.028
Published
2014-03-01
Cross-site scripting (XSS) vulnerability in java/hudson/model/Cause.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to inject arbitrary web script or HTML via a "remote cause note."
CVSS Score
3.5
EPSS Score
0.001
Published
2014-03-01
Cross-site scripting (XSS) vulnerability in the default markup formatter in Jenkins 1.523 allows remote attackers to inject arbitrary web script or HTML via the Description field in the user configuration.
CVSS Score
4.3
EPSS Score
0.026
Published
2013-12-31
Page 23