CVE-2018-1000108: Reflected cross-site-scripting vulnerability in report URL of Jenkins CppNCSS Plugin

CVSS Score: 6.1 (CVSS 3.0)

Basic Information

EPSS Score: 0.20451%
Published: 5/14/2022
Updated: 1/30/2024
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package Name: org.jenkins-ci.plugins:cppncss
Ecosystem: maven
Vulnerable Versions: <= 1.1
First Patched Version: 1.2

Vulnerability Intelligence
Root Cause Analysis

The vulnerability stems from unescaped output of `reportName` and `graphName` parameters in the Jelly template `AbstractProjectAction/index.jelly`. While no code diffs are provided, the advisory explicitly identifies these parameters as improperly escaped. In Jenkins' Jelly templating system, direct `${parameter}` usage without `h.escape()` or `<j:out>` tags would appear as rendering functions in the template execution context. Runtime detection would observe these template rendering operations handling untrusted input.

WAF Protection Rules

WAF Rule

A cross-site scripting vulnerability exists in Jenkins CppNCSS Plugin 1.1 and earlier in AbstractProjectAction/index.jelly that allows an attacker to craft links to Jenkins URLs that run arbitrary JavaScript in the user's browser when accessed.
