CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Jenkins >> 1.505 Security Vulnerabilities

CVE-2013-2033

Cross-site scripting (XSS) vulnerability in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allows remote authenticated users with write permission to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

2.1

EPSS Score

0.002

Published

2014-04-10

CVE-2014-2059

Directory traversal vulnerability in the CLI job creation (hudson/cli/CreateJobCommand.java) in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to overwrite arbitrary files via the job name.

CVSS Score

6.5

EPSS Score

0.028

Published

2014-03-01

CVE-2014-2067

Cross-site scripting (XSS) vulnerability in java/hudson/model/Cause.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to inject arbitrary web script or HTML via a "remote cause note."

CVSS Score

3.5

EPSS Score

0.001

Published

2014-03-01

Page 23

Vulnerabilities

Vulnerable Software

Jenkins: >> Jenkins >> 1.505 Security Vulnerabilities

Products

Pricing

Contact Us