CVE-2014-2067

Upstream information

CVE-2014-2067 at MITRE

Description

Cross-site scripting (XSS) vulnerability in java/hudson/model/Cause.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to inject arbitrary web script or HTML via a "remote cause note."

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	3.5
Vector	AV:N/AC:M/Au:S/C:N/I:P/A:N
Access Vector	Network
Access Complexity	Medium
Authentication	Single
Confidentiality Impact	None
Integrity Impact	Partial
Availability Impact	None

SUSE Bugzilla entry: 875241 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.

CVE-2014-2067

Common Vulnerabilities and Exposures

Upstream information

Description

SUSE information

SUSE Linux Enterprise

SUSE Rancher

Solutions

Industries

Support

Services

Resources

Partners

Communities

About