Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

SDLC

Jenkins

Jenkins is a free and open source automation server. It helps automate the parts of software development related to building testing and deploying facilitating continuous integration and continuous delivery. It is a server-based system that runs in servlet containers such as Apache Tomcat.

Official Site:

https://www.jenkins.io/

Severity Summary:

Critical: 19 High: 58 Medium: 168 Low: 11
Reference
Title
Severity
CVE-2014-9634
Jenkins 7PK - Security Features Vulnerability
Medium
CVE-2012-0324
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-5318
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2015-5319
Jenkins Other Vulnerability
Medium
CVE-2015-5326
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-7536
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2012-6072
Jenkins Improper Input Validation Vulnerability
Medium
CVE-2019-10405
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-21670
Jenkins Incorrect Authorization Vulnerability
Medium
CVE-2025-27622
Jenkins Cleartext Storage of Sensitive Information Vulnerability
Medium
CVE-2023-27903
Jenkins Incorrect Authorization Vulnerability
Medium
CVE-2023-27904
Jenkins Vulnerability
Medium
CVE-2023-27902
Jenkins Vulnerability
Medium
CVE-2021-43859
Jenkins Uncontrolled Resource Consumption Vulnerability
Medium
CVE-2022-41224
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-31720
Jenkins Missing Authorization Vulnerability
Medium
CVE-2025-27625
Jenkins URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2025-27623
Jenkins Cleartext Storage of Sensitive Information Vulnerability
Medium
CVE-2025-31721
Jenkins Missing Authorization Vulnerability
Medium
CVE-2024-47804
Jenkins Vulnerability
Medium
CVE-2025-27624
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2025-59476
Jenkins Improper Output Neutralization for Logs Vulnerability
Medium
CVE-2025-59475
Jenkins Missing Authorization Vulnerability
Medium
CVE-2025-59474
Jenkins Missing Authorization Vulnerability
Medium
CVE-2025-67638
Jenkins Cleartext Storage of Sensitive Information Vulnerability
Medium
CVE-2025-67637
Jenkins Cleartext Storage of Sensitive Information Vulnerability
Medium
CVE-2025-67636
Jenkins Missing Authorization Vulnerability
Medium
CVE-2026-27100
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2015-5317
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2024-47803
Jenkins Generation of Error Message Containing Sensitive Information Vulnerability
Medium