
CVE-2020-2248: Reflected XSS vulnerability in Jenkins JSGames Plugin

CVSS Score: 8.8 (CVSS v3.1)

Basic Information

EPSS Score: 0.49117%
Published: 5/24/2022
Updated: 1/29/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Package Name: org.jenkins-ci.plugins:jsgames
Ecosystem: maven
Vulnerable Versions: <= 0.2
First Patched Version: (not listed on this page)

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The advisory says only that the plugin "evaluates part of a URL as code"; it names neither the affected file nor the method. That wording indicates that a component of the request URL (a path segment or a query parameter) is taken as input and is executed or rendered without validation or output encoding, which is the precondition for reflected XSS: an attacker crafts a link, a Jenkins user opens it (the CVSS vector's UI:R), and the injected script runs in that user's browser under the Jenkins origin with no prior privilege needed by the attacker (PR:N). In Jenkins plugins built on Stapler, this pattern usually appears in web-bound request handlers (doXxx methods, getDynamic/doDynamic, or the Jelly and JavaScript views a plugin ships) that read URL parameters or path components and build dynamic content from them. Without HTML-encoding at the point of output, or an allowlist over the values the handler accepts, the reflected input is interpreted by the browser as markup or script. Because the advisory gives no function name or path, this is an inferred pattern that matches common Jenkins plugin findings, not a confirmed code location.
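The pattern described above, as an added example that is neither the JSGames plugin's code nor Miggo's: a minimal Java rendering of a Stapler-style handler body, first in the vulnerable form (a URL parameter concatenated straight into the response) and then hardened with an allowlist plus HTML output encoding. The class and method names, the `game` parameter, and the list of game names are assumptions; the methods return the HTML as a String instead of writing to a StaplerResponse so the example compiles and runs without Jenkins on the classpath.

```java
import java.util.Set;

/*
 * Added example (not code from the JSGames plugin or from Miggo). In a real
 * Jenkins plugin the bodies below would live inside a Stapler web method such
 * as doGame(StaplerRequest req, StaplerResponse rsp) and write to rsp; here
 * they return the page as a String. All names are illustrative assumptions.
 */
public final class ReflectedXssExample {

    // Fixed set of pages this handler may serve (assumed names, not the plugin's).
    private static final Set<String> KNOWN_GAMES = Set.of("tetris", "snake", "pong");

    /** Vulnerable: the URL parameter is copied into the response unescaped. */
    static String renderVulnerable(String game) {
        // ?game=<script>...</script> lands in the page verbatim, in both a text
        // context (the h1) and an attribute context (the script src).
        return "<html><body><h1>Now playing: " + game + "</h1>"
             + "<script src=\"/plugin/jsgames/" + game + ".js\"></script></body></html>";
    }

    /** Hardened: reject anything outside the allowlist, then encode on output anyway. */
    static String renderHardened(String game) {
        if (game == null || !KNOWN_GAMES.contains(game)) {
            // Unknown value: do not reflect it at all; serve a fixed error page.
            return "<html><body><h1>Unknown game</h1></body></html>";
        }
        String safe = htmlEscape(game); // defence in depth; the allowlist already bounds the value
        return "<html><body><h1>Now playing: " + safe + "</h1>"
             + "<script src=\"/plugin/jsgames/" + safe + ".js\"></script></body></html>";
    }

    /** Minimal HTML entity encoder for text and double-quoted attribute contexts. */
    static String htmlEscape(String s) {
        StringBuilder out = new StringBuilder(s.length());
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    /** Crude reviewer check over a rendered page: does the raw payload survive intact? */
    static boolean reflectsPayload(String html, String payload) {
        return html.contains(payload);
    }

    public static void main(String[] args) {
        // Constructed attacker input standing in for the "part of a URL" the advisory mentions.
        String payload = "<script>alert(document.cookie)</script>";

        String vuln = renderVulnerable(payload);
        String hard = renderHardened(payload);
        String ok   = renderHardened("snake");

        System.out.println("vulnerable reflects payload: " + reflectsPayload(vuln, payload));
        System.out.println("hardened reflects payload:   " + reflectsPayload(hard, payload));
        System.out.println("hardened legitimate page:    " + ok);

        // The example is only useful if the vulnerable path reflects and the hardened path does not.
        if (!reflectsPayload(vuln, payload) || reflectsPayload(hard, payload)) {
            throw new AssertionError("example does not behave as described");
        }
    }
}
```

Run it with `java ReflectedXssExample.java` (Java 11+ single-file launch); main throws if the vulnerable renderer fails to reflect the constructed payload or if the hardened one does. The allowlist is the primary control: once the value can only be one of a fixed set of names, an "evaluate the URL as code" step has no attacker-controlled input left to act on. The encoder is the second layer for any value that is still echoed, and it must match the output context; a value placed inside a JavaScript block or an unquoted attribute needs a different encoding than the HTML-entity encoding shown here.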


WAF Protection Rules

WAF Rule

Jenkins JSGames Plugin 0.2 and earlier evaluates part of a URL as code, resulting in a reflected cross-site scripting (XSS) vulnerability.
