CVE-2015-1812

CVSS v2.0 4.3 (Medium)

EPSS 0.22 % (60^th)

Affected Products 2

Advisories 3

Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1813.

Weaknesses

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Related CVEs

CVE-2015-1813

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2015-10-16 20:59:09
(9 years ago)
Updated Date: 2016-06-15 17:02:03
(8 years ago)

Affected Products

Jenkins

Jenkins

Redhat

Openshift

Configuration #1

		CPE23	From	Up To
	Jenkins 1.596.1 and prior versions	cpe:2.3:a:jenkins:jenkins::::*:lts		<= 1.596.1

Configuration #2

		CPE23	From	Up To
	Jenkins 1.605 and prior versions	cpe:2.3:a:jenkins:jenkins		<= 1.605

Configuration #3

		CPE23	From	Up To
	Redhat Openshift 3.1 and prior versions	cpe:2.3:a:redhat:openshift::::*:enterprise		<= 3.1