TechMedia – Page 81087

[org.jenkins-ci.plugins:fortify-on-demand-uploader] Users with Overall/Read access could enumerate credentials IDs in Jenkins Fortify on Demand Plugin

Fortify on Demand Plugin provides a list of applicable credentials IDs to allow users configuring the plugin to select the one to use.
This functionality does not correctly check permissions in Fortify on Demand Plugin 6.0.0 and earlier, allowing any u…

[org.jenkins-ci.plugins:sonargraph-integration] Stored XSS vulnerability in Jenkins Sonargraph Integration Plugin

Sonargraph Integration Plugin 3.0.0 and earlier does not escape the file path for the Log file field form validation.
This results in a stored cross-site scripting (XSS) vulnerability that can be exploited by users with Job/Configure permission.
Sonarg…

[org.jenkins-ci.plugins:fortify-on-demand-uploader] CSRF vulnerability in Jenkins Fortify on Demand Plugin

A cross-site request forgery vulnerability in Jenkins Fortify on Demand Plugin 5.0.1 and earlier allows attackers to connect to the globally configured Fortify on Demand endpoint using attacker-specified credentials IDs.
This form validation method req…

[hudson.plugins:project-inheritance] Missing permission check in Jenkins Project Inheritance Plugin

Jenkins Project Inheritance Plugin 21.04.03 and earlier does not redact encrypted secrets in the ‘getConfigAsXML’ API URL when transmitting job config.xml data to users without Job/Configure.
References

https://nvd.nist.gov/vuln/detail/CVE-2020-2198
h…

[hudson.plugins:project-inheritance] Missing permission check in Jenkins Project Inheritance Plugin

Jenkins limits access to job configuration XML data (config.xml) to users with Job/ExtendedRead permission, typically implied by Job/Configure permission. Project Inheritance Plugin has several job inspection features, including the API URL /job/…/get…

[org.jenkins-ci.plugins:svn-partial-release-mgr] XSS vulnerability in Jenkins Subversion Partial Release Manager Plugin

Subversion Partial Release Manager Plugin 1.0.1 and earlier does not escape the error message for the repository URL field form validation.
This results in a reflected cross-site scripting (XSS) vulnerability that can also be exploited similar to a sto…

[org.jenkins-ci.plugins:play-autotest-plugin] OS command injection vulnerability in Jenkins Play Framework Plugin

Posted inHIGH
Posted byWpmaster
05/25/202212/22/2022

A form validation endpoint in Play Framework Plugin executes the play command to validate a given input file.
Play Framework Plugin 1.0.2 and earlier lets users specify the path to the play command on the Jenkins controller. This results in an OS comma…

[org.jenkins-ci.plugins:swarm] CSRF vulnerability in Jenkins Swarm Plugin

Swarm Plugin adds API endpoints to add or remove agent labels. In Swarm Plugin 3.20 and earlier these only require a global Swarm secret to use, and no regular permission check is performed. This allows users with Agent/Create permission to add or remo…

[org.jenkins-ci.plugins:swarm] Improper permission checks in Jenkins Swarm Plugin

[io.jenkins.plugins:echarts-api] Stored XSS vulnerability in Jenkins ECharts API Plugin

ECharts API Plugin 4.7.0-3 and earlier does not escape the parser identifier when rendering charts.
This results in a stored cross-site scripting (XSS) vulnerability that can be exploited by users with Job/Configure permission.
ECharts API Plugin 4.7.0…