CVE-2012-0325

Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0324.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
VendorProductVersion
cloudbeesjenkins
𝑥
≤ 1.453
jenkinsjenkins
1.301
jenkinsjenkins
1.302
jenkinsjenkins
1.303
jenkinsjenkins
1.304
jenkinsjenkins
1.305
jenkinsjenkins
1.306
jenkinsjenkins
1.307
jenkinsjenkins
1.308
jenkinsjenkins
1.309
jenkinsjenkins
1.310
jenkinsjenkins
1.311
jenkinsjenkins
1.312
jenkinsjenkins
1.313
jenkinsjenkins
1.314
jenkinsjenkins
1.315
jenkinsjenkins
1.316
jenkinsjenkins
1.317
jenkinsjenkins
1.318
jenkinsjenkins
1.319
jenkinsjenkins
1.320
jenkinsjenkins
1.321
jenkinsjenkins
1.322
jenkinsjenkins
1.323
jenkinsjenkins
1.324
jenkinsjenkins
1.325
jenkinsjenkins
1.326
jenkinsjenkins
1.327
jenkinsjenkins
1.328
jenkinsjenkins
1.329
jenkinsjenkins
1.330
jenkinsjenkins
1.331
jenkinsjenkins
1.332
jenkinsjenkins
1.333
jenkinsjenkins
1.334
jenkinsjenkins
1.335
jenkinsjenkins
1.336
jenkinsjenkins
1.337
jenkinsjenkins
1.338
jenkinsjenkins
1.339
jenkinsjenkins
1.340
jenkinsjenkins
1.341
jenkinsjenkins
1.342
jenkinsjenkins
1.343
jenkinsjenkins
1.344
jenkinsjenkins
1.345
jenkinsjenkins
1.346
jenkinsjenkins
1.347
jenkinsjenkins
1.348
jenkinsjenkins
1.349
jenkinsjenkins
1.350
jenkinsjenkins
1.351
jenkinsjenkins
1.352
jenkinsjenkins
1.353
jenkinsjenkins
1.354
jenkinsjenkins
1.355
jenkinsjenkins
1.356
jenkinsjenkins
1.357
jenkinsjenkins
1.358
jenkinsjenkins
1.359
jenkinsjenkins
1.360
jenkinsjenkins
1.361
jenkinsjenkins
1.362
jenkinsjenkins
1.363
jenkinsjenkins
1.364
jenkinsjenkins
1.365
jenkinsjenkins
1.366
jenkinsjenkins
1.367
jenkinsjenkins
1.368
jenkinsjenkins
1.369
jenkinsjenkins
1.370
jenkinsjenkins
1.371
jenkinsjenkins
1.372
jenkinsjenkins
1.373
jenkinsjenkins
1.374
jenkinsjenkins
1.375
jenkinsjenkins
1.376
jenkinsjenkins
1.377
jenkinsjenkins
1.378
jenkinsjenkins
1.379
jenkinsjenkins
1.380
jenkinsjenkins
1.382
jenkinsjenkins
1.383
jenkinsjenkins
1.384
jenkinsjenkins
1.386
jenkinsjenkins
1.387
jenkinsjenkins
1.388
jenkinsjenkins
1.389
jenkinsjenkins
1.390
jenkinsjenkins
1.391
jenkinsjenkins
1.392
jenkinsjenkins
1.393
jenkinsjenkins
1.394
jenkinsjenkins
1.395
jenkinsjenkins
1.396
jenkinsjenkins
1.397
jenkinsjenkins
1.398
jenkinsjenkins
1.399
jenkinsjenkins
1.400
jenkinsjenkins
1.401
jenkinsjenkins
1.402
jenkinsjenkins
1.403
jenkinsjenkins
1.404
jenkinsjenkins
1.405
jenkinsjenkins
1.406
jenkinsjenkins
1.407
jenkinsjenkins
1.408
jenkinsjenkins
1.409
jenkinsjenkins
1.409.1
jenkinsjenkins
1.409.2
jenkinsjenkins
1.410
jenkinsjenkins
1.411
jenkinsjenkins
1.412
jenkinsjenkins
1.413
jenkinsjenkins
1.414
jenkinsjenkins
1.415
jenkinsjenkins
1.416
jenkinsjenkins
1.417
jenkinsjenkins
1.418
jenkinsjenkins
1.419
jenkinsjenkins
1.420
jenkinsjenkins
1.421
jenkinsjenkins
1.422
jenkinsjenkins
1.423
jenkinsjenkins
1.424
jenkinsjenkins
1.425
jenkinsjenkins
1.426
jenkinsjenkins
1.427
jenkinsjenkins
1.428
jenkinsjenkins
1.429
jenkinsjenkins
1.430
jenkinsjenkins
1.431
jenkinsjenkins
1.432
jenkinsjenkins
1.433
jenkinsjenkins
1.434
jenkinsjenkins
1.435
jenkinsjenkins
1.436
jenkinsjenkins
1.437
cloudbeesjenkins
1.400
cloudbeesjenkins
1.400.0.12
cloudbeesjenkins
1.424
cloudbeesjenkins
1.424.5
cloudbeesjenkins
1.400
cloudbeesjenkins
1.400.0.12
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
jenkins
raring
not-affected
quantal
not-affected
precise
not-affected
oneiric
ignored
natty
dne
maverick
dne
lucid
dne
hardy
dne
Common Weakness Enumeration
References
http://jvn.jp/en/jp/JVN79950061/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000023
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-03-05.cb
http://www.securityfocus.com/bid/52384
http://jvn.jp/en/jp/JVN79950061/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000023
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-03-05.cb
http://www.securityfocus.com/bid/52384