Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2014-2067
Deferred
More InfoOfficial Page
Source-security@debian.org
View Known Exploited Vulnerability (KEV) details
Published At-01 Mar, 2014 | 00:01
Updated At-12 Apr, 2025 | 10:46

Cross-site scripting (XSS) vulnerability in java/hudson/model/Cause.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to inject arbitrary web script or HTML via a "remote cause note."

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.03.5LOW
AV:N/AC:M/Au:S/C:N/I:P/A:N
CPE Matches
Jenkins
jenkins
>>jenkins>>Versions up to 1.550(inclusive)
cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
Jenkins
jenkins
>>jenkins>>Versions up to 1.532.1(inclusive)
cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
Weaknesses
CWE IDTypeSource
CWE-79Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://seclists.org/oss-sec/2014/q1/421security@debian.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/91354security@debian.org
N/A
https://github.com/jenkinsci/jenkins/commit/5d57c855f3147bfc5e7fda9252317b428a700014security@debian.org
N/A
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14security@debian.org
Vendor Advisory
http://seclists.org/oss-sec/2014/q1/421af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/91354af854a3a-2127-422b-91ae-364da2661108
N/A
https://github.com/jenkinsci/jenkins/commit/5d57c855f3147bfc5e7fda9252317b428a700014af854a3a-2127-422b-91ae-364da2661108
N/A
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Change History
0Changes found
Details not found