Jenkins allows Cross-Site Scripting (XSS)
Research is free — Hunters explains how the bug works, the root-cause code pattern, how the fix addresses it, and how to test whether a target is affected, in chat. Investigate & write exploit is a paid run — the engine reads the advisory and fix commits, then builds and validates a working proof-of-concept exploit with reproduction steps.
Affected versions
1.597 → fixed in 1.6060 → fixed in 1.596.2
Details
Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1812.
The fix
[FIXED SECURITY-171]
core/src/main/java/hudson/util/FormValidation.java+1 −1
@@ -196,7 +196,7 @@ private static FormValidation _error(Kind kind, Throwable e, String message) {" <a href='#' class='showDetails'>"+ Messages.FormValidation_Error_Details()+ "</a><pre style='display:none'>"-+ Functions.printThrowable(e) +++ Util.escape(Functions.printThrowable(e)) +"</pre>",kind);}
References
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2015-1813
- WEBhttps://github.com/jenkinsci/jenkins/commit/feb2703adb0c121705e5c8e9ddf8f663b6481cbd
- WEBhttps://access.redhat.com/errata/RHSA-2016:0070
- WEBhttps://bugzilla.redhat.com/show_bug.cgi?id=1205615
- PACKAGEhttps://github.com/jenkinsci/jenkins
- WEBhttps://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23
- WEBhttp://rhn.redhat.com/errata/RHSA-2015-1844.html