CVE-2018-1000413: Stored XSS vulnerability in Config File Provider Plugin
5.4
CVSS Score
3.0
Basic Information
CVE ID
GHSA ID
EPSS Score
0.29619%
CWE
Published
5/14/2022
Updated
12/15/2023
KEV Status
No
Technology
Java
Technical Details
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
org.jenkins-ci.plugins:config-file-provider | maven | <= 3.1 | 3.2 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from improper output encoding in the Jelly templates. The commit 5c1df55 shows that prior to the fix, these templates used direct variable interpolation (e.g., ${t.name}
) instead of the escaping-aware <j:out>
tag. This allowed unescaped rendering of user-controlled configuration metadata. The advisory explicitly identifies these files as the source of the XSS vulnerability, and the patch corrected the escaping mechanism.