Jenkins < 1.502 / 1.480.3 and Jenkins Enterprise 1.447.x / 1.466.x / 1.480.x < 1.447.7.1 / 1.466.13.1 / 1.480.3.1 Multiple Vulnerabilities
High Nessus Plugin ID 65056
Synopsis
The remote web server hosts a job scheduling / management system that is affected by multiple vulnerabilities.
Description
The remote web server hosts a version of Jenkins or Jenkins Enterprise that is affected by multiple vulnerabilities:
- An unspecified cross-site scripting vulnerability.
- Multiple unspecified cross-site request forgery vulnerabilities. (CVE-2013-0327, CVE-2013-0329)
- An unspecified denial of service vulnerability.
- An unspecified security bypass vulnerability exists that could allow an attacker to build otherwise restricted jobs. (CVE-2013-0330)
Solution
Upgrade to Jenkins 1.502 / 1.480.3, Jenkins Enterprise 1.447.7.1 / 1.466.13.1 / 1.480.3.1 or later.