FreeBSD: VID-9720BB39-F82A-402F-9FE4-E2C875BDDA83 (CVE-2019-10406): jenkins -- multiple vulnerabilities

Severity: 4
CVSS: (AV:N/AC:M/Au:S/C:N/I:P/A:N)
Published: Sep 25, 2019
Added: Sep 26, 2019
Modified: Jan 22, 2020

Description

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.


From VID-9720BB39-F82A-402F-9FE4-E2C875BDDA83:

Jenkins Security Advisory:

Description

(Medium) SECURITY-1498 / CVE-2019-10401: Stored XSS vulnerability in expandable textbox form control

(Medium) SECURITY-1525 / CVE-2019-10402: XSS vulnerability in combobox form control

(Medium) SECURITY-1537 (1) / CVE-2019-10403: Stored XSS vulnerability in SCM tag action tooltip

(Medium) SECURITY-1537 (2) / CVE-2019-10404: Stored XSS vulnerability in queue item tooltip

(Medium) SECURITY-1505 / CVE-2019-10405: Diagnostic web page exposed Cookie HTTP header

(Medium) SECURITY-1471 / CVE-2019-10406: XSS vulnerability in Jenkins URL setting


Solutions

freebsd-upgrade-package-jenkins
freebsd-upgrade-package-jenkins-lts