CVE-2012-0324: XSS
First published: Fri Mar 09 2012(Updated: )
Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0325.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jenkins | =1.400 | |
| Jenkins | =1.400.0.12 | |
| Jenkins | =1.424 | |
| Jenkins | =1.424.5 | |
| Jenkins | =1.400 | |
| Jenkins | =1.400.0.12 | |
| Jenkins | <=1.453 | |
| Jenkins LTS | =1.301 | |
| Jenkins LTS | =1.302 | |
| Jenkins LTS | =1.303 | |
| Jenkins LTS | =1.304 | |
| Jenkins LTS | =1.305 | |
| Jenkins LTS | =1.306 | |
| Jenkins LTS | =1.307 | |
| Jenkins LTS | =1.308 | |
| Jenkins LTS | =1.309 | |
| Jenkins LTS | =1.310 | |
| Jenkins LTS | =1.311 | |
| Jenkins LTS | =1.312 | |
| Jenkins LTS | =1.313 | |
| Jenkins LTS | =1.314 | |
| Jenkins LTS | =1.315 | |
| Jenkins LTS | =1.316 | |
| Jenkins LTS | =1.317 | |
| Jenkins LTS | =1.318 | |
| Jenkins LTS | =1.319 | |
| Jenkins LTS | =1.320 | |
| Jenkins LTS | =1.321 | |
| Jenkins LTS | =1.322 | |
| Jenkins LTS | =1.323 | |
| Jenkins LTS | =1.324 | |
| Jenkins LTS | =1.325 | |
| Jenkins LTS | =1.326 | |
| Jenkins LTS | =1.327 | |
| Jenkins LTS | =1.328 | |
| Jenkins LTS | =1.329 | |
| Jenkins LTS | =1.330 | |
| Jenkins LTS | =1.331 | |
| Jenkins LTS | =1.332 | |
| Jenkins LTS | =1.333 | |
| Jenkins LTS | =1.334 | |
| Jenkins LTS | =1.335 | |
| Jenkins LTS | =1.336 | |
| Jenkins LTS | =1.337 | |
| Jenkins LTS | =1.338 | |
| Jenkins LTS | =1.339 | |
| Jenkins LTS | =1.340 | |
| Jenkins LTS | =1.341 | |
| Jenkins LTS | =1.342 | |
| Jenkins LTS | =1.343 | |
| Jenkins LTS | =1.344 | |
| Jenkins LTS | =1.345 | |
| Jenkins LTS | =1.346 | |
| Jenkins LTS | =1.347 | |
| Jenkins LTS | =1.348 | |
| Jenkins LTS | =1.349 | |
| Jenkins LTS | =1.350 | |
| Jenkins LTS | =1.351 | |
| Jenkins LTS | =1.352 | |
| Jenkins LTS | =1.353 | |
| Jenkins LTS | =1.354 | |
| Jenkins LTS | =1.355 | |
| Jenkins LTS | =1.356 | |
| Jenkins LTS | =1.357 | |
| Jenkins LTS | =1.358 | |
| Jenkins LTS | =1.359 | |
| Jenkins LTS | =1.360 | |
| Jenkins LTS | =1.361 | |
| Jenkins LTS | =1.362 | |
| Jenkins LTS | =1.363 | |
| Jenkins LTS | =1.364 | |
| Jenkins LTS | =1.365 | |
| Jenkins LTS | =1.366 | |
| Jenkins LTS | =1.367 | |
| Jenkins LTS | =1.368 | |
| Jenkins LTS | =1.369 | |
| Jenkins LTS | =1.370 | |
| Jenkins LTS | =1.371 | |
| Jenkins LTS | =1.372 | |
| Jenkins LTS | =1.373 | |
| Jenkins LTS | =1.374 | |
| Jenkins LTS | =1.375 | |
| Jenkins LTS | =1.376 | |
| Jenkins LTS | =1.377 | |
| Jenkins LTS | =1.378 | |
| Jenkins LTS | =1.379 | |
| Jenkins LTS | =1.380 | |
| Jenkins LTS | =1.382 | |
| Jenkins LTS | =1.383 | |
| Jenkins LTS | =1.384 | |
| Jenkins LTS | =1.386 | |
| Jenkins LTS | =1.387 | |
| Jenkins LTS | =1.388 | |
| Jenkins LTS | =1.389 | |
| Jenkins LTS | =1.390 | |
| Jenkins LTS | =1.391 | |
| Jenkins LTS | =1.392 | |
| Jenkins LTS | =1.393 | |
| Jenkins LTS | =1.394 | |
| Jenkins LTS | =1.395 | |
| Jenkins LTS | =1.396 | |
| Jenkins LTS | =1.397 | |
| Jenkins LTS | =1.398 | |
| Jenkins LTS | =1.399 | |
| Jenkins LTS | =1.400 | |
| Jenkins LTS | =1.401 | |
| Jenkins LTS | =1.402 | |
| Jenkins LTS | =1.403 | |
| Jenkins LTS | =1.404 | |
| Jenkins LTS | =1.405 | |
| Jenkins LTS | =1.406 | |
| Jenkins LTS | =1.407 | |
| Jenkins LTS | =1.408 | |
| Jenkins LTS | =1.409 | |
| Jenkins LTS | =1.409.1 | |
| Jenkins LTS | =1.409.2 | |
| Jenkins LTS | =1.410 | |
| Jenkins LTS | =1.411 | |
| Jenkins LTS | =1.412 | |
| Jenkins LTS | =1.413 | |
| Jenkins LTS | =1.414 | |
| Jenkins LTS | =1.415 | |
| Jenkins LTS | =1.416 | |
| Jenkins LTS | =1.417 | |
| Jenkins LTS | =1.418 | |
| Jenkins LTS | =1.419 | |
| Jenkins LTS | =1.420 | |
| Jenkins LTS | =1.421 | |
| Jenkins LTS | =1.422 | |
| Jenkins LTS | =1.423 | |
| Jenkins LTS | =1.424 | |
| Jenkins LTS | =1.425 | |
| Jenkins LTS | =1.426 | |
| Jenkins LTS | =1.427 | |
| Jenkins LTS | =1.428 | |
| Jenkins LTS | =1.429 | |
| Jenkins LTS | =1.430 | |
| Jenkins LTS | =1.431 | |
| Jenkins LTS | =1.432 | |
| Jenkins LTS | =1.433 | |
| Jenkins LTS | =1.434 | |
| Jenkins LTS | =1.435 | |
| Jenkins LTS | =1.436 | |
| Jenkins LTS | =1.437 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-0324?
CVE-2012-0324 has been classified as a moderate severity vulnerability due to its potential to allow remote code execution through cross-site scripting.
How do I fix CVE-2012-0324?
To fix CVE-2012-0324, upgrade Jenkins to version 1.454 or later or update to Jenkins LTS 1.424.5 or later.
What types of software are affected by CVE-2012-0324?
CVE-2012-0324 affects various versions of Jenkins, specifically those prior to versions 1.454, 1.424.5 for LTS, and 1.400.0.13 for Enterprise.
What can happen if CVE-2012-0324 is exploited?
If exploited, CVE-2012-0324 can allow attackers to inject arbitrary web scripts or HTML into the web pages viewed by users.
Who is primarily impacted by CVE-2012-0324?
Users of Jenkins versions below 1.454, including those using Jenkins LTS and Enterprise prior to specific patched releases, are primarily impacted by CVE-2012-0324.
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cloudbees
- canonical/jenkins
- version/jenkins/1.400
- version/jenkins/1.400.0.12
- version/jenkins/1.424
- version/jenkins/1.424.5
- version/jenkins/1.453
- vendor/jenkins
- canonical/jenkins lts
- version/jenkins lts/1.301
- version/jenkins lts/1.302
- version/jenkins lts/1.303
- version/jenkins lts/1.304
- version/jenkins lts/1.305
- version/jenkins lts/1.306
- version/jenkins lts/1.307
- version/jenkins lts/1.308
- version/jenkins lts/1.309
- version/jenkins lts/1.310
- version/jenkins lts/1.311
- version/jenkins lts/1.312
- version/jenkins lts/1.313
- version/jenkins lts/1.314
- version/jenkins lts/1.315
- version/jenkins lts/1.316
- version/jenkins lts/1.317
- version/jenkins lts/1.318
- version/jenkins lts/1.319
- version/jenkins lts/1.320
- version/jenkins lts/1.321
- version/jenkins lts/1.322
- version/jenkins lts/1.323
- version/jenkins lts/1.324
- version/jenkins lts/1.325
- version/jenkins lts/1.326
- version/jenkins lts/1.327
- version/jenkins lts/1.328
- version/jenkins lts/1.329
- version/jenkins lts/1.330
- version/jenkins lts/1.331
- version/jenkins lts/1.332
- version/jenkins lts/1.333
- version/jenkins lts/1.334
- version/jenkins lts/1.335
- version/jenkins lts/1.336
- version/jenkins lts/1.337
- version/jenkins lts/1.338
- version/jenkins lts/1.339
- version/jenkins lts/1.340
- version/jenkins lts/1.341
- version/jenkins lts/1.342
- version/jenkins lts/1.343
- version/jenkins lts/1.344
- version/jenkins lts/1.345
- version/jenkins lts/1.346
- version/jenkins lts/1.347
- version/jenkins lts/1.348
- version/jenkins lts/1.349
- version/jenkins lts/1.350
- version/jenkins lts/1.351
- version/jenkins lts/1.352
- version/jenkins lts/1.353
- version/jenkins lts/1.354
- version/jenkins lts/1.355
- version/jenkins lts/1.356
- version/jenkins lts/1.357
- version/jenkins lts/1.358
- version/jenkins lts/1.359
- version/jenkins lts/1.360
- version/jenkins lts/1.361
- version/jenkins lts/1.362
- version/jenkins lts/1.363
- version/jenkins lts/1.364
- version/jenkins lts/1.365
- version/jenkins lts/1.366
- version/jenkins lts/1.367
- version/jenkins lts/1.368
- version/jenkins lts/1.369
- version/jenkins lts/1.370
- version/jenkins lts/1.371
- version/jenkins lts/1.372
- version/jenkins lts/1.373
- version/jenkins lts/1.374
- version/jenkins lts/1.375
- version/jenkins lts/1.376
- version/jenkins lts/1.377
- version/jenkins lts/1.378
- version/jenkins lts/1.379
- version/jenkins lts/1.380
- version/jenkins lts/1.382
- version/jenkins lts/1.383
- version/jenkins lts/1.384
- version/jenkins lts/1.386
- version/jenkins lts/1.387
- version/jenkins lts/1.388
- version/jenkins lts/1.389
- version/jenkins lts/1.390
- version/jenkins lts/1.391
- version/jenkins lts/1.392
- version/jenkins lts/1.393
- version/jenkins lts/1.394
- version/jenkins lts/1.395
- version/jenkins lts/1.396
- version/jenkins lts/1.397
- version/jenkins lts/1.398
- version/jenkins lts/1.399
- version/jenkins lts/1.400
- version/jenkins lts/1.401
- version/jenkins lts/1.402
- version/jenkins lts/1.403
- version/jenkins lts/1.404
- version/jenkins lts/1.405
- version/jenkins lts/1.406
- version/jenkins lts/1.407
- version/jenkins lts/1.408
- version/jenkins lts/1.409
- version/jenkins lts/1.409.1
- version/jenkins lts/1.409.2
- version/jenkins lts/1.410
- version/jenkins lts/1.411
- version/jenkins lts/1.412
- version/jenkins lts/1.413
- version/jenkins lts/1.414
- version/jenkins lts/1.415
- version/jenkins lts/1.416
- version/jenkins lts/1.417
- version/jenkins lts/1.418
- version/jenkins lts/1.419
- version/jenkins lts/1.420
- version/jenkins lts/1.421
- version/jenkins lts/1.422
- version/jenkins lts/1.423
- version/jenkins lts/1.424
- version/jenkins lts/1.425
- version/jenkins lts/1.426
- version/jenkins lts/1.427
- version/jenkins lts/1.428
- version/jenkins lts/1.429
- version/jenkins lts/1.430
- version/jenkins lts/1.431
- version/jenkins lts/1.432
- version/jenkins lts/1.433
- version/jenkins lts/1.434
- version/jenkins lts/1.435
- version/jenkins lts/1.436
- version/jenkins lts/1.437