Description

Cross-site scripting (XSS) vulnerability in the default markup formatter in Jenkins 1.523 allows remote attackers to inject arbitrary web script or HTML via the Description field in the user configuration.

Remediation

References

CVE-2013-5573

Related Vulnerabilities

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16942)

WordPress Plugin Delete All Comments Arbitrary File Upload (2.0)

WordPress Plugin Auto Amazon Links-Amazon Associates Affiliate Cross-Site Scripting (4.6.19)

WordPress Plugin QR Redirector Cross-Site Scripting (1.6)

WordPress Plugin Pctags-Pinterest conversion tags for Pinterest Ads (advertising) + Event tracking + Site verification + WooCommerce Security Bypass (1.0.1)

Severity

Medium

Classification

CVE-2013-5573 CWE-707

Tags

Missing Update Known Vulnerabilities