An instance was found of Jenkins not sanitizing input before adding it to the page. This could be used for copy and paste attacks, with the end result being similar to that of cross-site scripting attacks. Upstream fix: https://github.com/jenkinsci/jenkins/commit/f8d2a0ba6c2e261f48287bdd95bd7a2d7a8d2d0e Acknowledgements: Red Hat would like to thank Teguh P. Alko for reporting this issue.
Statement: Not vulnerable. This issue did not affect the version of Jenkins as shipped with Red Hat OpenShift Enterprise 1.2 or 2.0.
This bug has been marked as duplicate of CVE-2013-0328: http://seclists.org/oss-sec/2014/q1/130 *** This bug has been marked as a duplicate of bug 914876 ***