Low severityNVD Advisory· Published Mar 9, 2012· Updated Apr 29, 2026
CVE-2012-0325
CVE-2012-0325
Description
Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0324.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.main:jenkins-coreMaven | >= 1.425, < 1.454 | 1.454 |
org.jenkins-ci.main:jenkins-coreMaven | < 1.424.5 | 1.424.5 |
Affected products
145cpe:2.3:a:cloudbees:jenkins:*:*:*:*:*:*:*:*+ 143 more
- cpe:2.3:a:cloudbees:jenkins:*:*:*:*:*:*:*:*range: <=1.453
- cpe:2.3:a:cloudbees:jenkins:1.400.0.12:*:enterprise:*:*:*:*:*
- cpe:2.3:a:cloudbees:jenkins:1.400.0.12:*:lts:*:*:*:*:*
- cpe:2.3:a:cloudbees:jenkins:1.400:*:enterprise:*:*:*:*:*
- cpe:2.3:a:cloudbees:jenkins:1.400:*:lts:*:*:*:*:*
- cpe:2.3:a:cloudbees:jenkins:1.424.5:*:enterprise:*:*:*:*:*
- cpe:2.3:a:cloudbees:jenkins:1.424:*:enterprise:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.301:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.302:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.303:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.304:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.305:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.306:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.307:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.308:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.309:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.310:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.311:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.312:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.313:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.314:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.315:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.316:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.317:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.318:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.319:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.320:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.321:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.322:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.323:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.324:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.325:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.326:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.327:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.328:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.329:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.330:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.331:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.332:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.333:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.334:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.335:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.336:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.337:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.338:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.339:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.340:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.341:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.342:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.343:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.344:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.345:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.346:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.347:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.348:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.349:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.350:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.351:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.352:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.353:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.354:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.355:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.356:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.357:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.358:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.359:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.360:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.361:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.362:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.363:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.364:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.365:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.366:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.367:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.368:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.369:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.370:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.371:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.372:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.373:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.374:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.375:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.376:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.377:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.378:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.379:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.380:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.382:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.383:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.384:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.386:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.387:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.388:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.389:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.390:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.391:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.392:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.393:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.394:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.395:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.396:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.397:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.398:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.399:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.400:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.401:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.402:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.403:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.404:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.405:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.406:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.407:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.408:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.409:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.409.1:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.409.2:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.410:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.411:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.412:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.413:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.414:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.415:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.416:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.417:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.418:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.419:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.420:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.421:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.422:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.423:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.424:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.425:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.426:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.427:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.428:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.429:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.430:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.431:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.432:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.433:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.434:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.435:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.436:*:*:*:*:*:*:*
- cpe:2.3:a:jenkins:jenkins:1.437:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-03-05.cbnvdVendor AdvisoryWEB
- github.com/advisories/GHSA-cc55-c9j4-m7cxghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2012-0325ghsaADVISORY
- jvn.jp/en/jp/JVN79950061/index.htmlnvdWEB
- jvndb.jvn.jp/jvndb/JVNDB-2012-000023nvdWEB
- web.archive.org/web/20200229025003/http://www.securityfocus.com/bid/52384ghsaWEB
- www.securityfocus.com/bid/52384nvd
News mentions
0No linked articles in our index yet.