CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 2CVE-2020-2231 – Jenkins 2.235.3 - 'X-Forwarded-For' Stored XSS
https://notcve.org/view.php?id=CVE-2020-2231
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the remote address of the host starting a build via 'Trigger builds remotely', resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Job/Configure permission or knowledge of the Authentication Token. Jenkins versiones 2.251 y anteriores, versiones LTS 2.235.3 y anteriores, no escapa la dirección remota del host que inicia una compilación por medio de "Trigger builds remotely", resultando en una vulnerabilidad de tipo cross-site scripting (XSS) almacenado explotables por usuarios con permiso de Trabajo y Configuración o conocimiento del Token de Autenticación A flaw was found in Jenkins versions prior to 2.251 and LTS 2.235.3. The remote address of hosts starting a build via 'Trigger builds remotely' are not properly escaped leading to a potential stored cross-site scripting (XSS) vulnerability exploitable by users with Job/Configure permission or knowledge of the authentication token. The highest threat from this vulnerability is to data confidentiality and integrity. Jenkins versions 2.251 and below and LTS 2.235.3 and below suffer from a persistent cross site scripting vulnerability. • https://www.exploit-db.com/exploits/49244 http://packetstormsecurity.com/files/160616/Jenkins-2.251-LTS-2.235.3-Cross-Site-Scripting.html http://www.openwall.com/lists/oss-security/2020/08/12/4 https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1960 https://access.redhat.com/security/cve/CVE-2020-2231 https://bugzilla.redhat.com/show_bug.cgi?id=1875234 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 2CVE-2020-2229 – Jenkins 2.235.3 - 'tooltip' Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2020-2229
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the tooltip content of help icons, resulting in a stored cross-site scripting (XSS) vulnerability. Jenkins versiones 2.251 y anteriores, versiones LTS 2.235.3 y anteriores, no escapan el contenido de tooltip de los iconos de ayuda, resultando en una vulnerabilidad de tipo cross-site scripting (XSS) almacenado A flaw was found in Jenkins in versions prior to 2.251 and LTS 2.235.3. Tooltip values, which are not properly escaped, can be contributed by plugins and use user-specified values. This results in a potential stored cross-site scripting (XSS) vulnerability. This highest threat from this vulnerability is to data confidentiality and integrity. • https://www.exploit-db.com/exploits/49232 http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html http://www.openwall.com/lists/oss-security/2020/08/12/4 https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1955 https://access.redhat.com/security/cve/CVE-2020-2229 https://bugzilla.redhat.com/show_bug.cgi?id=1874830 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 2CVE-2020-2230 – Jenkins 2.235.3 - 'Description' Stored XSS
https://notcve.org/view.php?id=CVE-2020-2230
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the project naming strategy description, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Overall/Manage permission. Jenkins versiones 2.251 y anteriores, versiones LTS 2.235.3 y anteriores, no escapan la descripción de la estrategia de nombramiento del proyecto, resultando en una vulnerabilidad de tipo cross-site scripting (XSS) almacenado explotable por usuarios con permiso General y de Administración A flaw was found in Jenkins in versions prior to 2.251 and LTS 2.235.3. The project naming strategy description, displayed on item creation, is not properly escaped. This can result in a stored cross-site scripting (XSS) vulnerability exploitable by users with Overall/Manage permissions. The highest threat from this vulnerability is to data confidentiality and integrity. • https://www.exploit-db.com/exploits/49237 http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html http://www.openwall.com/lists/oss-security/2020/08/12/4 https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1957 https://access.redhat.com/security/cve/CVE-2020-2230 https://bugzilla.redhat.com/show_bug.cgi?id=1875232 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2020-2223 – jenkins: Stored XSS vulnerability in console links
https://notcve.org/view.php?id=CVE-2020-2223
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape correctly the 'href' attribute of links to downstream jobs displayed in the build console page, resulting in a stored cross-site scripting vulnerability. Jenkins versiones 2.244 y anteriores, LTS versiones 2.235.1 y anteriores, no escapan apropiadamente el atributo "href" de los enlaces en trabajos posteriores que se muestran en la página de la consola de compilación, resultando en una vulnerabilidad de tipo cross-site scripting almacenado A flaw was found in Jenkins versions 2.244 and prior and in LTS 2.235.1 and prior. HREF attribute of links to downstream jobs are not escaped on build console pages which could lead to a stored cross-site scripting (XSS) vulnerability. The user must have the Agent/Configure permission for this exploit to function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://www.openwall.com/lists/oss-security/2020/07/15/5 https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1945 https://access.redhat.com/security/cve/CVE-2020-2223 https://bugzilla.redhat.com/show_bug.cgi?id=1857433 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2020-2220 – jenkins: Stored XSS vulnerability in job build time trend
https://notcve.org/view.php?id=CVE-2020-2220
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the agent name in the build time trend page, resulting in a stored cross-site scripting vulnerability. Jenkins versiones 2.244 y anteriores, LTS versiones 2.235.1 y anteriores, no escapan el nombre del agente en la página de tendencia del tiempo de compilación, resultando en una vulnerabilidad de tipo cross-site scripting almacenado A flaw was found in Jenkins versions 2.244 and prior and in LTS 2.235.1 and prior. The agent name is not escaped on build time trend pages which could lead to a stored cross-site scripting (XSS) vulnerability. The user must have the Agent/Configure permission for this exploit to function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://www.openwall.com/lists/oss-security/2020/07/15/5 https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1868 https://access.redhat.com/security/cve/CVE-2020-2220 https://bugzilla.redhat.com/show_bug.cgi?id=1857425 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •