CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2011-4344
https://notcve.org/view.php?id=CVE-2011-4344
01 Dec 2011 — Cross-site scripting (XSS) vulnerability in Jenkins Core in Jenkins before 1.438, and 1.409 LTS before 1.409.3 LTS, when a stand-alone container is used, allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages. Vulnerabilidad de XSS en Jenkins Core en Jenkins en versiones anteriores a 1.438 y 1.409 LTS en versiones anteriores a 1.409.3 LTS, cuando se utiliza un contenedor independiente, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitr... • http://groups.google.com/group/jenkinsci-advisories/msg/1b94588f90f876b5?dmode=source&output=gplain • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •