CVE-2013-5573
PUBLISHED
Reported by mitre · Published December 31, 2013
Cross-site scripting (XSS) vulnerability in the default markup formatter in Jenkins 1.523 allows remote attackers to inject arbitrary web script or HTML via the Description field in the user configuration.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | *, n/a, n/a |
| Maven | org.jenkins-ci.main:jenkins-core | 0, 0 |
Exploit Intelligence
- http://packetstormsecurity.com/files/124513 (nist-nvd)
- http://seclists.org/bugtraq/2013/Dec/104 (nist-nvd)
- 30408 (cve.org)
Timeline
- Dec 31, 2013 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
References
- 64414 vdb-entry x_refsource_BID
- 101187 vdb-entry x_refsource_OSVDB
- 20131217 [CVE-2013-5573] Jenkins v1.523 Default markup formatter permits offsite-bound forms mailing-list x_refsource_BUGTRAQ
- 20131217 [CVE-2013-5573] Jenkins v1.523 Default markup formatter permits offsite-bound forms mailing-list x_refsource_FULLDISC
- 30408 exploit x_refsource_EXPLOIT-DB
- x_refsource_MISC
- jenkins-cve20135573-xss(89872) vdb-entry x_refsource_XF
- https://nvd.nist.gov/vuln/detail/CVE-2013-5573 advisory
- https://github.com/advisories/GHSA-52g6-pfrq-rxfv advisory
- https://github.com/jenkinsci/jenkins url
- https://web.archive.org/web/20200229071540/http://www.securityfocus.com/bid/64414 url