Minoru Sakai

Researcher fromSCSK Corporation
#30475of 53,632
8.6Total CVSS
Vulnerabilities · 2
Medium
2
PT-2012-2500
4.3
2012-03-09
Cloudbees · Jenkins · CVE-2012-0324
**Name of the Vulnerable Software and Affected Versions** Jenkins versions prior to 1.454 Jenkins LTS versions prior to 1.424.5 Jenkins Enterprise versions 1.400.x prior to 1.400.0.13 Jenkins Enterprise versions 1.424.x prior to 1.424.5.1 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For Jenkins versions prior to 1.454, update to version 1.454 or later. For Jenkins LTS versions prior to 1.424.5, update to version 1.424.5 or later. For Jenkins Enterprise versions 1.400.x prior to 1.400.0.13, update to version 1.400.0.13 or later. For Jenkins Enterprise versions 1.424.x prior to 1.424.5.1, update to version 1.424.5.1 or later.
PT-2012-2501
4.3
2012-03-09
Cloudbees · Jenkins · CVE-2012-0325
**Name of the Vulnerable Software and Affected Versions** Jenkins versions prior to 1.454 Jenkins LTS versions prior to 1.424.5 Jenkins Enterprise versions 1.400.x prior to 1.400.0.13 Jenkins Enterprise versions 1.424.x prior to 1.424.5.1 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For Jenkins versions prior to 1.454, update to version 1.454 or later. For Jenkins LTS versions prior to 1.424.5, update to version 1.424.5 or later. For Jenkins Enterprise versions 1.400.x prior to 1.400.0.13, update to version 1.400.0.13 or later. For Jenkins Enterprise versions 1.424.x prior to 1.424.5.1, update to version 1.424.5.1 or later.