| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-1814 | 7.5 |
The API token-issuing service in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to gain privileges via a "forced API token change" involving anonymous users.
|
15-06-2016 - 17:04 | 16-10-2015 - 20:59 | |
| CVE-2015-1812 | 4.3 |
Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1813.
|
15-06-2016 - 17:02 | 16-10-2015 - 20:59 | |
| CVE-2015-1813 | 4.3 |
Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1812.
|
15-06-2016 - 14:35 | 16-10-2015 - 20:59 |