Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.808274 |
Categoría: | Web application abuses |
Título: | Jenkins Multiple Cross Site Scripting Vulnerabilities (Mar 2012) - Linux |
Resumen: | This host is installed with Jenkins and is prone; to multiple cross-site scripting vulnerabilities. |
Descripción: | Summary: This host is installed with Jenkins and is prone to multiple cross-site scripting vulnerabilities. Vulnerability Insight: Multiple flaws exist due to multiple input validation errors. Vulnerability Impact: Successful exploitation will allow remote attackers to inject malicious HTMLs to pages served by Jenkins. This allows an attacker to escalate his privileges by hijacking sessions of other users. Affected Software/OS: Jenkins main line 1.452 and prior, Jenkins LTS 1.424.3 and prior. Solution: Jenkins main line users should update to 1.454, Jenkins LTS users should update to 1.424.6. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N |
Referencia Cruzada: |
BugTraq ID: 52384 Common Vulnerability Exposure (CVE) ID: CVE-2012-0324 http://www.securityfocus.com/bid/52384 http://jvn.jp/en/jp/JVN14791558/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2012-000022 Common Vulnerability Exposure (CVE) ID: CVE-2012-0325 http://jvn.jp/en/jp/JVN79950061/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2012-000023 |
Copyright | Copyright (C) 2016 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |