GitHub Advisory Database: GHSA-88QJ-3Q6H-8M5Q
Published: 2022-05-24 16:55:59

Jenkins Build Environment Plugin vulnerable to Cross-site Scripting

CWE: CWE-79
Source: GitHub Advisory Database (github.com)
Tags: jenkins, build environment plugin, cross-site scripting, vulnerability, security, environment variables

CVSS2: 3.5 (AV:N/AC:M/Au:S/C:N/I:P/A:N)
  Attack Vector: NETWORK
  Attack Complexity: MEDIUM
  Authentication: SINGLE
  Confidentiality Impact: NONE
  Integrity Impact: PARTIAL
  Availability Impact: NONE

CVSS3: 5.4 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: LOW
  User Interaction: REQUIRED
  Scope: CHANGED
  Confidentiality Impact: LOW
  Integrity Impact: LOW
  Availability Impact: NONE

EPSS: 0.001 (percentile 22.0%)

Build Environment Plugin did not escape values of environment variables shown on its views. This resulted in a cross-site scripting vulnerability exploitable by attackers able to control the values of build environment variables, typically users with Job/Configure or Job/Build permission.

Jenkins applies the missing escaping by default since 2.146 and LTS 2.138.2, so newer Jenkins releases are not affected by this vulnerability.

Build Environment Plugin now escapes all variables displayed in its views.
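
The root cause and the fix described above, modelled as an added example that is not the plugin's own code (the plugin is written in Java with Jelly views; the page attributes the fix to the plugin escaping all displayed variables and to Jenkins core escaping by default since 2.146 / LTS 2.138.2). The two renderers, the constructed SAMPLE_ENV values and the markup-leak check below are assumptions for illustration: one renderer concatenates environment variable values into HTML verbatim, the other escapes every name and value for an HTML text context, and a small check shows how a test suite can catch the unescaped variant.

```python
# Added example, not code from the Build Environment Plugin or Jenkins.
# Models the advisory: a view that lists build environment variables, once
# without output escaping (vulnerable) and once with it (fixed).
import html

# Constructed sample of build environment variables. The BRANCH value is the
# kind of string a user with Job/Configure or Job/Build permission could set.
SAMPLE_ENV = {
    "BUILD_NUMBER": "42",
    "JOB_NAME": "web-app",
    "BRANCH": '<script>alert("xss")</script>',
}

# Markup the view itself emits; anything else containing '<' came from a value.
_SCAFFOLD_TAGS = ("<table>", "</table>", "<tr>", "</tr>", "<td>", "</td>")


def render_env_table_unescaped(env):
    """Vulnerable pattern: names and values are interpolated into HTML verbatim,
    so a value containing markup becomes part of the page's DOM."""
    rows = "".join(f"<tr><td>{k}</td><td>{v}</td></tr>" for k, v in env.items())
    return f"<table>{rows}</table>"


def render_env_table_escaped(env):
    """Fixed pattern: every untrusted string is escaped for an HTML text context
    before being placed in the view (the equivalent of Jelly's default escaping)."""
    rows = "".join(
        f"<tr><td>{html.escape(k)}</td><td>{html.escape(v)}</td></tr>"
        for k, v in env.items()
    )
    return f"<table>{rows}</table>"


def contains_injected_markup(rendered_html):
    """Regression check: strip the tags the view is allowed to emit and report
    whether any '<' survives. Escaped output turns '<' into '&lt;', so the fixed
    renderer yields False for any input; the unescaped one yields True as soon
    as a value carries a tag."""
    remainder = rendered_html
    for tag in _SCAFFOLD_TAGS:
        remainder = remainder.replace(tag, "")
    return "<" in remainder


if __name__ == "__main__":
    for name, renderer in (("unescaped", render_env_table_unescaped),
                           ("escaped", render_env_table_escaped)):
        out = renderer(SAMPLE_ENV)
        print(f"{name}: injected markup present = {contains_injected_markup(out)}")
        print(out)
```

The check deliberately knows only the view's own scaffolding tags, so it does not need to guess which tags an attacker might use; any angle bracket that reaches the output from a value is a finding. That is the same property the advisory's fix restores: values are data, never markup.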

Affected configurations

Vulners node:
  org.jenkins-ci.plugins : build-environment, range <1.7

Vendor / Product / Version / CPE:
  org.jenkins-ci.plugins / build-environment / * / cpe:2.3:a:org.jenkins-ci.plugins:build-environment:*:*:*:*:*:*:*:*
