CVE-2014-3678CVE-2014-3678

Affected configuration(s):

cpe:/a:jenkins-ci:monitoring_plugin:1.40.0::~~~cloudbees_jenkins~~
cpe:/a:jenkins-ci:monitoring_plugin:1.41.0::~~~cloudbees_jenkins~~
cpe:/a:jenkins-ci:monitoring_plugin:1.42.0::~~~cloudbees_jenkins~~
cpe:/a:jenkins-ci:monitoring_plugin:1.43.0::~~~cloudbees_jenkins~~
cpe:/a:jenkins-ci:monitoring_plugin:1.44.0::~~~cloudbees_jenkins~~
cpe:/a:jenkins-ci:monitoring_plugin:1.45.0::~~~cloudbees_jenkins~~
cpe:/a:jenkins-ci:monitoring_plugin:1.46.0::~~~cloudbees_jenkins~~
cpe:/a:jenkins-ci:monitoring_plugin:1.47.0::~~~cloudbees_jenkins~~
cpe:/a:jenkins-ci:monitoring_plugin:1.48.0::~~~cloudbees_jenkins~~
cpe:/a:jenkins-ci:monitoring_plugin:1.49.0::~~~cloudbees_jenkins~~
cpe:/a:jenkins-ci:monitoring_plugin:1.50.0::~~~cloudbees_jenkins~~
cpe:/a:jenkins-ci:monitoring_plugin:1.51.0::~~~cloudbees_jenkins~~
cpe:/a:jenkins-ci:monitoring_plugin:1.52.0::~~~cloudbees_jenkins~~
cpe:/a:jenkins-ci:monitoring_plugin:1.52.1::~~~cloudbees_jenkins~~

Date published: 2014-10-10T10:55:07.133-04:00

Date last modified: 2016-07-15T11:01:23.177-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: https://wiki.jenkins-ci.org/display/JENKINS/Monitoring

Summary: Cross-site scripting (XSS) vulnerability in the Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.