CVE-2013-5573

Name of the Vulnerable Software and Affected Versions Jenkins version 1.523

Description A cross-site scripting (XSS) issue exists in the default markup formatter, allowing remote attackers to inject arbitrary web script or HTML via the Description field in the user configuration.

Recommendations For Jenkins version 1.523, consider disabling the default markup formatter in the user configuration as a temporary workaround until a patch is available. Restrict access to the Description field to minimize the risk of exploitation.