CVE-2012-4439
UNKNOWN
Published 2019-11-18T20:56:45
Actions:
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2012-4439. We'll provide specific mitigation strategies based on your environment and risk profile.
No CVSS data available
Description
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that points to Jenkins.
Available Exploits
No exploits available for this CVE.
Related News
No news articles found for this CVE.
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
✓ GitHub Reviewed
MODERATE
Jenkins allows Cross-Site Scripting (XSS) via Crafted URL
GHSA-x97g-3gp9-cf2pAdvisory Details
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that points to Jenkins.
Affected Packages
Maven
org.jenkins-ci.main:jenkins-core
ECOSYSTEM:
≥0
<1.466.2
Maven
org.jenkins-ci.main:jenkins-core
ECOSYSTEM:
≥1.467
<1.482
CVSS Scoring
CVSS Score
5.0
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
References
Advisory provided by GitHub Security Advisory Database. Published: April 23, 2022, Modified: March 12, 2025
References
Published: 2019-11-18T20:56:45
Last Modified: 2024-08-06T20:35:09.695Z
Copied to clipboard!