Jenkins Security Advisory 2012-09-17
The second vulnerability in Jenkins core is a cross-site scripting
vulnerability. This allows an attacker to craft a URL that points to Jenkins,
and if a legitimate user clicks this link, the attacker will be able to hijack
the user session.
The following versions incorporate fixes to the vulnerabilities found in the
-Main line users should upgrade to Jenkins 1.482
-LTS users should upgrade to 1.466.2