Reflected XSS possible via pipeline comparisons

Moderate
chadlwilson published GHSA-3vvq-q4qv-x2gf May 8, 2022

Package

gocd-server

Affected versions

>= 20.2.0, < 21.4.0

Patched versions

21.4.0

Description

Impact

GoCD versions 20.2.0 through 21.4.0 (inclusive) are vulnerable to reflected XSS: the error handling of the pipeline comparison function can be abused to render arbitrary HTML into the returned page. An attacker could use this to trick a victim into executing code that lets the attacker operate on, or gain control over, the same resources the victim has access to.

Patches

Fixed in GoCD 21.4.0.

Workarounds

Block access to /go/compare/.* in front of GoCD Server using a reverse proxy, web application firewall or equivalent. This prevents use of the pipeline comparison function.
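
One way to check that the workaround is holding, as an added example that is not part of the advisory or of GoCD: it audits reverse-proxy access log lines for requests under /go/compare/ that were not blocked and lists those carrying HTML markup first. The log format, the 403/404 block statuses, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

COMPARE_PREFIX = "/go/compare/"  # path named in the advisory's workaround
BLOCK_STATUSES = {403, 404}      # assumption: how the proxy answers blocked requests
# Assumption: combined-style access log with a quoted request line, then the status.
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def decode_fully(target, rounds=3):
    """Percent-decode repeatedly so double-encoded targets are normalised."""
    for _ in range(rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target

def classify(line):
    """Return None for unrelated lines, else details of the compare request."""
    match = REQUEST_RE.search(line)
    if not match:
        return None
    target = decode_fully(match.group("target"))
    path = re.sub(r"/{2,}", "/", target.split("?", 1)[0])
    if not path.startswith(COMPARE_PREFIX):
        return None
    return {
        "target": target,
        "blocked": int(match.group("status")) in BLOCK_STATUSES,
        "markup": "<" in target or ">" in target,  # heuristic for injected HTML
    }

def audit(lines):
    """Compare requests that were not blocked, markup-bearing ones first."""
    passed = [c for c in map(classify, lines) if c and not c["blocked"]]
    return sorted(passed, key=lambda c: not c["markup"])

# Constructed sample lines (documentation IPs, made-up pipeline name and markup).
SAMPLE_LOG = [
    '203.0.113.7 - - [08/May/2022:10:00:01 +0000] "GET /go/pipelines HTTP/1.1" 200 5123',
    '203.0.113.7 - - [08/May/2022:10:00:05 +0000] "GET /go/compare/build/1/with/2 HTTP/1.1" 403 162',
    '198.51.100.9 - - [08/May/2022:10:02:11 +0000] "GET /go/compare/build/1/with/2 HTTP/1.1" 200 8841',
    '198.51.100.9 - - [08/May/2022:10:02:40 +0000] "GET /go/compare/build/%3Cb%3Ex%3C%2Fb%3E/with/2 HTTP/1.1" 200 3310',
]

if __name__ == "__main__":
    for hit in audit(SAMPLE_LOG):
        print(("MARKUP " if hit["markup"] else "PASSED ") + hit["target"])
```

Any line this reports means a compare request got past the block; an empty result over a period that includes compare requests means the rule is matching.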

References

For more information

If you have any questions or comments about this advisory:

Severity

Moderate (4.3 / 10)

CVSS base metrics

Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability: None

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CVE ID

CVE-2022-29183

Weaknesses

Credits