ghsa-gghc-g8cj-4vfv
Vulnerability from github
Published
2022-05-24 19:16
Modified
2023-10-27 16:02
Severity
6.1 (Medium) - CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Stored XSS vulnerability in Jenkins Git Plugin
Details

Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause.

This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to submit crafted commit notifications to the /git/notifyCommit endpoint.

Jenkins Git Plugin 4.8.3 rejects Git SHA-1 checksum parameters that do not match the expected format. Existing values are sanitized when displayed on the UI.

This vulnerability is only exploitable in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier. See the LTS upgrade guide.

Show details on source website

To clipboard 

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.8.2"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:git"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.8.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-21684"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116",
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-12-15T17:36:30Z",
    "nvd_published_at": "2021-10-06T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause.\n\nThis results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to submit crafted commit notifications to the `/git/notifyCommit` endpoint.\n\nJenkins Git Plugin 4.8.3 rejects Git SHA-1 checksum parameters that do not match the expected format. Existing values are sanitized when displayed on the UI.\n\nThis vulnerability is only exploitable in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier. See the [LTS upgrade guide](https://www.jenkins.io/doc/upgrade-guide/2.303/#SECURITY-2452).",
  "id": "GHSA-gghc-g8cj-4vfv",
  "modified": "2023-10-27T16:02:41Z",
  "published": "2022-05-24T19:16:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21684"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jenkinsci/git-plugin/commit/5474cc942bfba60927be629ff47fb41c38c66741"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/git-plugin"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2021-10-06/#SECURITY-2499"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2021/10/06/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Stored XSS vulnerability in Jenkins Git Plugin"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.