Skip to content

Stored XSS vulnerability in Jenkins Pipeline: Supporting APIs Plugin

High severity GitHub Reviewed Published Oct 19, 2022 to the GitHub Advisory Database • Updated Jan 4, 2024

Package

maven org.jenkins-ci.plugins.workflow:workflow-support (Maven)

Affected versions

< 839.v35e2736cfd5c

Patched versions

839.v35e2736cfd5c

Description

Pipeline: Supporting APIs Plugin provides a feature to add hyperlinks, that send POST requests when clicked, to build logs. These links are used by Pipeline: Input Step Plugin to allow users to proceed or abort the build, or by Pipeline: Job Plugin to allow users to forcibly terminate the build after aborting it.

Pipeline: Supporting APIs Plugin 838.va_3a_087b_4055b and earlier does not sanitize or properly encode URLs of these hyperlinks in build logs.

This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create Pipelines.

Pipeline: Supporting APIs Plugin 839.v35e2736cfd5c properly encodes URLs of these hyperlinks in build logs.

References

Published by the National Vulnerability Database Oct 19, 2022
Published to the GitHub Advisory Database Oct 19, 2022
Reviewed Oct 19, 2022
Last updated Jan 4, 2024

Severity

High
8.0
/ 10

CVSS base metrics

Attack vector
Network
Attack complexity
Low
Privileges required
Low
User interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Weaknesses

CVE ID

CVE-2022-43409

GHSA ID

GHSA-64r9-x74q-wxmh

Source code

Credits

Checking history
See something to contribute? Suggest improvements for this vulnerability.