CVE-2015-7536 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2015-7536 Interim 1 3 2025-04-22T23:47:24Z current 2021-05-30T13:33:51Z 2025-04-22T23:47:24Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2015-7536 Cross-site scripting (XSS) vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to workspaces and archived artifacts. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings Cross-site scripting (XSS) vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to workspaces and archived artifacts. CVE-2015-7536 moderate 3.5 AV:N/AC:M/Au:S/C:N/I:P/A:N 5.4 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N