GHSA-52g6-pfrq-rxfv

Source
https://github.com/advisories/GHSA-52g6-pfrq-rxfv
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-52g6-pfrq-rxfv/GHSA-52g6-pfrq-rxfv.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-52g6-pfrq-rxfv
Aliases
  • CVE-2013-5573
Published
2022-05-17T01:31:21Z
Modified
2025-03-13T19:28:45.836089Z
Severity
  • 2.1 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
Summary
Jenkins allows Cross-Site Scripting (XSS) in User Configuration
Details

Cross-site scripting (XSS) vulnerability in the default markup formatter in Jenkins 1.523 allows remote attackers to inject arbitrary web script or HTML via the Description field in the user configuration.

Database specific
{
    "cwe_ids": [
        "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-03-13T19:11:25Z",
    "nvd_published_at": "2013-12-31T16:04:00Z",
    "severity": "LOW"
}
References

Affected packages

Maven / org.jenkins-ci.main:jenkins-core

Package

Name
org.jenkins-ci.main:jenkins-core
Purl
pkg:maven/org.jenkins-ci.main/jenkins-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Last affected
1.523

Affected versions

1.*
1.396
1.397
1.398
1.399
1.400
1.401
1.403
1.404
1.405
1.406
1.407
1.408
1.409
1.409.1
1.409.2
1.409.3
1.410
1.411
1.412
1.413
1.414
1.415
1.416
1.417
1.418
1.419
1.420
1.421
1.422
1.423
1.424
1.424.1
1.424.2
1.424.3
1.424.4
1.424.5
1.424.6
1.425
1.426
1.427
1.428
1.429
1.430
1.431
1.432
1.433
1.434
1.435
1.436
1.437
1.438
1.439
1.440
1.441
1.442
1.443
1.444
1.445
1.446
1.447
1.447.1
1.447.2
1.448
1.449
1.450
1.451
1.452
1.453
1.454
1.455
1.456
1.457
1.458
1.459
1.460
1.461
1.462
1.463
1.464
1.465
1.466
1.466.1
1.466.2
1.467
1.468
1.469
1.470
1.471
1.472
1.473
1.474
1.475
1.476
1.477
1.478
1.479
1.480
1.480.1
1.480.2
1.480.3
1.481
1.482
1.483
1.484
1.485
1.486
1.487
1.488
1.489
1.490
1.491
1.492
1.493
1.494
1.495
1.496
1.497
1.498
1.499
1.500
1.501
1.502
1.503
1.504
1.505
1.506
1.507
1.508
1.509
1.509.1
1.509.2
1.509.2.JENKINS-8856-diag
1.509.2.JENKINS-14362-jzlib
1.509.3
1.509.3.JENKINS-14362-jzlib
1.509.4
1.510
1.511
1.512
1.513
1.514
1.515
1.516
1.516.JENKINS-14362-jzlib
1.517
1.518
1.518.JENKINS-14362-jzlib
1.519
1.520
1.521
1.522
1.523

Database specific

source
"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-52g6-pfrq-rxfv/GHSA-52g6-pfrq-rxfv.json"