CVE-2022-29182

DOM-based XSS in GoCD

Severity Score

5.4

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 (inclusive) are vulnerable to a Document Object Model (DOM)-based cross-site scripting attack via a pipeline run's Stage Details > Graphs tab. It is possible for a malicious script on a attacker-hosted site to execute script that will run within the user's browser context and GoCD session via abuse of a messaging channel used for communication between with the parent page and the stage details graph's iframe. This could allow an attacker to steal a GoCD user's session cookies and/or execute malicious code in the user's context. This issue is fixed in GoCD 22.1.0. There are currently no known workarounds.

GoCD es un servidor de entrega continua. GoCD versiones 19.11.0 a 21.4.0 (inclusive), son vulnerables a un ataque de tipo cross-site scripting attack basado en el Modelo de Objetos de Documentos (DOM) por medio de la pestaña Stage Details ) Graphs de una ejecución de canalización. Es posible que un script malicioso en un sitio alojado por el atacante ejecute un script que será ejecutado dentro del contexto del navegador del usuario y de la sesión GoCD por medio de un abuso de un canal de mensajería usado para la comunicación entre la página principal y el iframe del gráfico de detalles de la etapa. Esto podría permitir a un atacante robar las cookies de sesión de un usuario de GoCD y/o ejecutar código malicioso en el contexto del usuario. Este problema ha sido corregido en GoCD versión 22.1.0. Actualmente no se conocen mitigaciones

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

None

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-04-13 CVE Reserved
2022-05-20 CVE Published
2023-12-11 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CAPEC

References (4)

URL	Tag	Source
https://github.com/gocd/gocd/releases/tag/22.1.0	Release Notes
https://github.com/gocd/gocd/security/advisories/GHSA-qcg6-4q44-3589	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477	2022-06-06

URL	Date	SRC
https://www.gocd.org/releases/#22-1-0	2022-06-06

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Thoughtworks Search vendor "Thoughtworks"		Gocd Search vendor "Thoughtworks" for product "Gocd"				>= 19.11.0 <= 21.4.0 Search vendor "Thoughtworks" for product "Gocd" and version " >= 19.11.0 <= 21.4.0"		-		Affected