CVE-2013-0328

CVSS v2.0 4.3 (Medium)

EPSS 0.12 % (47^th)

Affected Products 1

Advisories 1

Cross-site scripting (XSS) vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Weaknesses

CWE-352: Cross-Site Request Forgery (CSRF)

Related CVEs

CVE-2013-6488

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2013-03-19 14:55:02
(11 years ago)
Updated Date: 2023-02-13 04:41:08
(19 months ago)

Affected Products

Jenkins

Jenkins

Configuration #1

		CPE23	From	Up To
	Jenkins 1.501 and prior versions	cpe:2.3:a:jenkins:jenkins		<= 1.501

Configuration #2

		CPE23	From	Up To
	Jenkins 1.480.2 and prior versions	cpe:2.3:a:jenkins:jenkins::::*:lts		<= 1.480.2