|Category:||Web application abuses|
|Title:||Jenkins Multiple Vulnerabilities Nov 17 (Linux)|
|Summary:||This host is installed with Jenkins and is prone to; multiple vulnerabilities.|
This host is installed with Jenkins and is prone to
Multiple flaws are due to,
- unsafe use of user names as directory names
- a persisted XSS vulnerability in autocompletion suggestions
Successful exploitation will allow remote attackers to
affect the integrity of the application.
Impact Level: Application
Jenkins LTS 2.73.2 and prior, Jenkins weekly up to and including 2.88.
Upgrade to Jenkins weekly to 2.89 or later / Jenkins LTS to 2.73.3 or
later. For more updates refer to https://www.cloudbees.com
Common Vulnerability Exposure (CVE) ID: CVE-2017-1000391|
Common Vulnerability Exposure (CVE) ID: CVE-2017-1000392
|Copyright||Copyright (C) 2017 Greenbone Networks GmbH|
|This is only one of 68714 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.