FreeBSD : jenkins -- XSS vulnerability (9448a82f-6878-11e1-865f-00e0814cab4e)

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Jenkins Security Advisory reports :

An XSS vulnerability was found in Jenkins core, which allows an
attacker to inject malicious HTMLs to pages served by Jenkins. This
allows an attacker to escalate his privileges by hijacking sessions of
other users. This vulnerability affects all versions.

See also :

http://www.nessus.org/u?35c7df20
http://www.nessus.org/u?68834552

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 58283 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now