← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to retired/CVE-2013-6374

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
retired/CVE-2013-6374
1
 
Candidate: CVE-2013-6374
2
 
PublicDate: 2013-11-25
3
 
References:
4
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6374
5
 
 https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-11-20
6
 
 https://wiki.jenkins-ci.org/display/JENKINS/Build+Failure+Analyzer
7
 
 http://secunia.com/advisories/55783
8
 
 http://osvdb.org/100106
9
 
Description:
10
 
 Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer
11
 
 plugin before 1.5.1 for Jenkins allows remote authenticated users to inject
12
 
 arbitrary web script or HTML via unspecified vectors.
13
 
Ubuntu-Description:
14
 
Notes:
15
 
 jdstrand> Build Failure Analyzer plugin not found in source
16
 
Bugs:
17
 
Priority: low
18
 
Discovered-by:
19
 
Assigned-to:
20
 
 
21
 
Patches_jenkins:
22
 
upstream_jenkins: needs-triage
23
 
lucid_jenkins: DNE
24
 
precise_jenkins: not-affected (code-not-present)
25
 
quantal_jenkins: not-affected (code-not-present)
26
 
raring_jenkins: not-affected (code-not-present)
27
 
saucy_jenkins: not-affected (code-not-present)
28
 
devel_jenkins: not-affected (code-not-present)