Description

CRLF injection vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Remediation

References

CVE-2012-6072

Related Vulnerabilities

WordPress Plugin Email Before Download Unspecified Vulnerability (6.9.3)

Microsoft SQL Server CVE-2023-23384 Vulnerability (CVE-2023-23384)

Oracle Database Server CVE-2008-0342 Vulnerability (CVE-2008-0342)

WordPress Plugin WP Download Codes Cross-Site Scripting (2.5.1)

Oracle Application Server CVE-2006-0287 Vulnerability (CVE-2006-0287)

Severity

Medium

Classification

CVE-2012-6072 CWE-20

Tags

Missing Update Known Vulnerabilities