Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.5
CVSSv2

CVE-2012-6074

Published: 24/02/2013 Updated: 13/02/2023
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Subscribe to Cloudbees

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in Jenkins prior to 1.491, Jenkins LTS prior to 1.480.1, and Jenkins Enterprise 1.424.x prior to 1.424.6.13, 1.447.x prior to 1.447.4.1, and 1.466.x prior to 1.466.10.1 allows remote authenticated users with write access to inject arbitrary web script or HTML via unspecified vectors.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cloudbees jenkins

jenkins jenkins 1.404

jenkins jenkins 1.403

jenkins jenkins 1.402

jenkins jenkins 1.401

jenkins jenkins 1.408

jenkins jenkins 1.407

jenkins jenkins 1.406

jenkins jenkins 1.405

jenkins jenkins 1.400

jenkins jenkins 1.437

jenkins jenkins 1.436

jenkins jenkins 1.435

jenkins jenkins 1.434

jenkins jenkins 1.433

jenkins jenkins 1.432

jenkins jenkins 1.431

jenkins jenkins 1.430

jenkins jenkins 1.409

jenkins jenkins 1.415

jenkins jenkins 1.414

jenkins jenkins 1.413

jenkins jenkins 1.412

jenkins jenkins 1.419

jenkins jenkins 1.418

jenkins jenkins 1.417

jenkins jenkins 1.416

jenkins jenkins 1.411

jenkins jenkins 1.410

jenkins jenkins 1.426

jenkins jenkins 1.425

jenkins jenkins 1.424

jenkins jenkins 1.423

jenkins jenkins 1.429

jenkins jenkins 1.428

jenkins jenkins 1.427

jenkins jenkins 1.422

jenkins jenkins 1.421

jenkins jenkins 1.420

cloudbees jenkins 1.447.1.1

cloudbees jenkins 1.447.2.2

cloudbees jenkins 1.447.3.1

cloudbees jenkins 1.424.6.1

cloudbees jenkins 1.424.0.4

cloudbees jenkins 1.424.1.1

cloudbees jenkins 1.424.5.1

cloudbees jenkins 1.424.4.1

cloudbees jenkins 1.424.2.1

cloudbees jenkins 1.424.0.2

cloudbees jenkins 1.424.6.11

cloudbees jenkins 1.466.2.1

cloudbees jenkins 1.466.1.2

cloudbees jenkins 1.424

cloudbees jenkins 1.400

cloudbees jenkins 1.447

jenkins jenkins

jenkins jenkins 1.424.2

jenkins jenkins 1.424.1

jenkins jenkins 1.424.4

jenkins jenkins 1.424.3

jenkins jenkins 1.466.1

jenkins jenkins 1.447.2

jenkins jenkins 1.447.1

jenkins jenkins 1.409.2

jenkins jenkins 1.409.3

jenkins jenkins 1.424.6

jenkins jenkins 1.424.5

jenkins jenkins 1.409.1

Vendor Advisories

Debian CVElist Bug Report Logs: jenkins: Security issues were found in Jenkins core
Debian Bug report logs - #696816 jenkins: Security issues were found in Jenkins core Package: jenkins; Maintainer for jenkins is (unknown); Reported by: Nobuhiro Ban <bannobuhiro@gmailcom> Date: Thu, 27 Dec 2012 16:21:02 UTC Severity: grave Tags: security Found in version jenkins/14472+dfsg-2 Fixed in versions jenkins ...

References

CWE-79https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20http://rhn.redhat.com/errata/RHSA-2013-0220.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=890612http://www.openwall.com/lists/oss-security/2012/12/28/1http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cbhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696816https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injectionCVE-2024-30983CVE-2023-4235CVE-2024-21338privilegeencryptionCVE-2023-4232CVE-2024-31497CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook