Cross-site scripting (XSS) vulnerability in the slave overview page in Jenkins before 1.638 and LTS before 1.625.2 allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the slave offline status message.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2015-11-25T20:00:00

Updated: 2024-08-06T06:41:09.293Z

Reserved: 2015-07-01T00:00:00

Link: CVE-2015-5326

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2015-11-25T20:59:18.217

Modified: 2024-11-21T02:32:48.030

Link: CVE-2015-5326

cve-icon Redhat

Severity : Low

Publid Date: 2015-11-11T00:00:00Z

Links: CVE-2015-5326 - Bugzilla