CVE-2023-32977 – org.jenkins-ci.plugins.workflow:workflow-job

Package

Manager: maven
Name: org.jenkins-ci.plugins.workflow:workflow-job
Vulnerable Version: >=0 <1295.v395eb

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00963 pctl0.75629

Details

Jenkins Pipeline: Job Plugin vulnerable to stored Cross-site Scripting Jenkins Pipeline: Job Plugin 1292.v27d8cc3e2602 and earlier does not escape the display name of the build that caused an earlier build to be aborted, when "Do not allow concurrent builds" is set. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to set build display names immediately. The Jenkins security team is not aware of any plugins that allow the exploitation of this vulnerability, as the build name must be set before the build starts. Pipeline: Job Plugin 1295.v395eb_7400005 escapes the display name of the build that caused an earlier build to be aborted.

Metadata

Created: 2023-05-16T18:30:16Z
Modified: 2023-05-17T02:58:11Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/05/GHSA-2wvv-phhw-qvmc/GHSA-2wvv-phhw-qvmc.json
CWE IDs: ["CWE-79"]
Alternative ID: GHSA-2wvv-phhw-qvmc
Finding: F425
Auto approve: 1