Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2012-0325

Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0324.

Published

2012-03-09T11:55:01.083

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 4.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cloudbees	jenkins	≤ 1.453	Yes
Application	jenkins	jenkins	1.301	Yes
Application	jenkins	jenkins	1.302	Yes
Application	jenkins	jenkins	1.303	Yes
Application	jenkins	jenkins	1.304	Yes
Application	jenkins	jenkins	1.305	Yes
Application	jenkins	jenkins	1.306	Yes
Application	jenkins	jenkins	1.307	Yes
Application	jenkins	jenkins	1.308	Yes
Application	jenkins	jenkins	1.309	Yes
Application	jenkins	jenkins	1.310	Yes
Application	jenkins	jenkins	1.311	Yes
Application	jenkins	jenkins	1.312	Yes
Application	jenkins	jenkins	1.313	Yes
Application	jenkins	jenkins	1.314	Yes
Application	jenkins	jenkins	1.315	Yes
Application	jenkins	jenkins	1.316	Yes
Application	jenkins	jenkins	1.317	Yes
Application	jenkins	jenkins	1.318	Yes
Application	jenkins	jenkins	1.319	Yes
Application	jenkins	jenkins	1.320	Yes
Application	jenkins	jenkins	1.321	Yes
Application	jenkins	jenkins	1.322	Yes
Application	jenkins	jenkins	1.323	Yes
Application	jenkins	jenkins	1.324	Yes
Application	jenkins	jenkins	1.325	Yes
Application	jenkins	jenkins	1.326	Yes
Application	jenkins	jenkins	1.327	Yes
Application	jenkins	jenkins	1.328	Yes
Application	jenkins	jenkins	1.329	Yes
Application	jenkins	jenkins	1.330	Yes
Application	jenkins	jenkins	1.331	Yes
Application	jenkins	jenkins	1.332	Yes
Application	jenkins	jenkins	1.333	Yes
Application	jenkins	jenkins	1.334	Yes
Application	jenkins	jenkins	1.335	Yes
Application	jenkins	jenkins	1.336	Yes
Application	jenkins	jenkins	1.337	Yes
Application	jenkins	jenkins	1.338	Yes
Application	jenkins	jenkins	1.339	Yes
Application	jenkins	jenkins	1.340	Yes
Application	jenkins	jenkins	1.341	Yes
Application	jenkins	jenkins	1.342	Yes
Application	jenkins	jenkins	1.343	Yes
Application	jenkins	jenkins	1.344	Yes
Application	jenkins	jenkins	1.345	Yes
Application	jenkins	jenkins	1.346	Yes
Application	jenkins	jenkins	1.347	Yes
Application	jenkins	jenkins	1.348	Yes
Application	jenkins	jenkins	1.349	Yes
Application	jenkins	jenkins	1.350	Yes
Application	jenkins	jenkins	1.351	Yes
Application	jenkins	jenkins	1.352	Yes
Application	jenkins	jenkins	1.353	Yes
Application	jenkins	jenkins	1.354	Yes
Application	jenkins	jenkins	1.355	Yes
Application	jenkins	jenkins	1.356	Yes
Application	jenkins	jenkins	1.357	Yes
Application	jenkins	jenkins	1.358	Yes
Application	jenkins	jenkins	1.359	Yes
Application	jenkins	jenkins	1.360	Yes
Application	jenkins	jenkins	1.361	Yes
Application	jenkins	jenkins	1.362	Yes
Application	jenkins	jenkins	1.363	Yes
Application	jenkins	jenkins	1.364	Yes
Application	jenkins	jenkins	1.365	Yes
Application	jenkins	jenkins	1.366	Yes
Application	jenkins	jenkins	1.367	Yes
Application	jenkins	jenkins	1.368	Yes
Application	jenkins	jenkins	1.369	Yes
Application	jenkins	jenkins	1.370	Yes
Application	jenkins	jenkins	1.371	Yes
Application	jenkins	jenkins	1.372	Yes
Application	jenkins	jenkins	1.373	Yes
Application	jenkins	jenkins	1.374	Yes
Application	jenkins	jenkins	1.375	Yes
Application	jenkins	jenkins	1.376	Yes
Application	jenkins	jenkins	1.377	Yes
Application	jenkins	jenkins	1.378	Yes
Application	jenkins	jenkins	1.379	Yes
Application	jenkins	jenkins	1.380	Yes
Application	jenkins	jenkins	1.382	Yes
Application	jenkins	jenkins	1.383	Yes
Application	jenkins	jenkins	1.384	Yes
Application	jenkins	jenkins	1.386	Yes
Application	jenkins	jenkins	1.387	Yes
Application	jenkins	jenkins	1.388	Yes
Application	jenkins	jenkins	1.389	Yes
Application	jenkins	jenkins	1.390	Yes
Application	jenkins	jenkins	1.391	Yes
Application	jenkins	jenkins	1.392	Yes
Application	jenkins	jenkins	1.393	Yes
Application	jenkins	jenkins	1.394	Yes
Application	jenkins	jenkins	1.395	Yes
Application	jenkins	jenkins	1.396	Yes
Application	jenkins	jenkins	1.397	Yes
Application	jenkins	jenkins	1.398	Yes
Application	jenkins	jenkins	1.399	Yes
Application	jenkins	jenkins	1.400	Yes
Application	jenkins	jenkins	1.401	Yes
Application	jenkins	jenkins	1.402	Yes
Application	jenkins	jenkins	1.403	Yes
Application	jenkins	jenkins	1.404	Yes
Application	jenkins	jenkins	1.405	Yes
Application	jenkins	jenkins	1.406	Yes
Application	jenkins	jenkins	1.407	Yes
Application	jenkins	jenkins	1.408	Yes
Application	jenkins	jenkins	1.409	Yes
Application	jenkins	jenkins	1.409.1	Yes
Application	jenkins	jenkins	1.409.2	Yes
Application	jenkins	jenkins	1.410	Yes
Application	jenkins	jenkins	1.411	Yes
Application	jenkins	jenkins	1.412	Yes
Application	jenkins	jenkins	1.413	Yes
Application	jenkins	jenkins	1.414	Yes
Application	jenkins	jenkins	1.415	Yes
Application	jenkins	jenkins	1.416	Yes
Application	jenkins	jenkins	1.417	Yes
Application	jenkins	jenkins	1.418	Yes
Application	jenkins	jenkins	1.419	Yes
Application	jenkins	jenkins	1.420	Yes
Application	jenkins	jenkins	1.421	Yes
Application	jenkins	jenkins	1.422	Yes
Application	jenkins	jenkins	1.423	Yes
Application	jenkins	jenkins	1.424	Yes
Application	jenkins	jenkins	1.425	Yes
Application	jenkins	jenkins	1.426	Yes
Application	jenkins	jenkins	1.427	Yes
Application	jenkins	jenkins	1.428	Yes
Application	jenkins	jenkins	1.429	Yes
Application	jenkins	jenkins	1.430	Yes
Application	jenkins	jenkins	1.431	Yes
Application	jenkins	jenkins	1.432	Yes
Application	jenkins	jenkins	1.433	Yes
Application	jenkins	jenkins	1.434	Yes
Application	jenkins	jenkins	1.435	Yes
Application	jenkins	jenkins	1.436	Yes
Application	jenkins	jenkins	1.437	Yes
Application	cloudbees	jenkins	1.400	Yes
Application	cloudbees	jenkins	1.400.0.12	Yes
Application	cloudbees	jenkins	1.424	Yes
Application	cloudbees	jenkins	1.424.5	Yes
Application	cloudbees	jenkins	1.400	Yes
Application	cloudbees	jenkins	1.400.0.12	Yes

References

http://jvn.jp/en/jp/JVN79950061/index.html ([email protected])
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000023 ([email protected])
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-03-05.cb Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/52384 ([email protected])
http://jvn.jp/en/jp/JVN79950061/index.html (af854a3a-2127-422b-91ae-364da2661108)
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000023 (af854a3a-2127-422b-91ae-364da2661108)
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-03-05.cb Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/52384 (af854a3a-2127-422b-91ae-364da2661108)