
CVE-2020-2292: Stored XSS vulnerability in Jenkins Release Plugin

CVSS Score
5.4 (CVSS v3.1)

Basic Information

EPSS Score
0.46137%
Published
5/24/2022
Updated
10/27/2023
KEV Status
No
Technology
Java

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Package Name
org.jenkins-ci.plugins:release
Ecosystem
maven
Vulnerable Versions
< 2.11
First Patched Version
2.11

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The fix commit wraps the return value of the getReleaseVersion() method in Util.xmlEscape(). Before the fix, that method returned the user-supplied release version verbatim, and the value is rendered into the build's badge tooltip, so a version string containing HTML markup reached the page without output encoding. That is exactly the stored XSS pattern the advisory describes: an attacker with permission to set the release version could plant script that runs in the browser of anyone viewing the badge. Because the patch consists of this single change, the root cause maps directly to the vulnerability description.
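To make the root-cause finding concrete, the following is an added, self-contained Java example; it is not code from the Release Plugin or from Jenkins core. It reproduces the pattern in miniature: a badge action whose getReleaseVersion() returns the stored, user-controlled version string verbatim, beside the fixed shape that escapes the value before it can reach tooltip markup. hudson.Util is not on the classpath here, so xmlEscape is re-implemented with the same three substitutions Jenkins' Util.xmlEscape() performs ('<', '>' and '&'); the class, field and renderTooltip() names are illustrative, not the plugin's own, and the payload strings are constructed for the demonstration.

```java
import java.util.Objects;

/**
 * Added example: the CVE-2020-2292 pattern in miniature.
 * Class and field names are illustrative; they are not the Release Plugin's own.
 */
public class ReleaseBadgeXssExample {

    /** Same substitutions as Jenkins' hudson.Util.xmlEscape(): only '<', '>' and '&'. */
    static String xmlEscape(String text) {
        StringBuilder buf = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char ch = text.charAt(i);
            switch (ch) {
                case '<': buf.append("&lt;"); break;
                case '>': buf.append("&gt;"); break;
                case '&': buf.append("&amp;"); break;
                default:  buf.append(ch);
            }
        }
        return buf.toString();
    }

    /** Vulnerable shape: the persisted, attacker-controlled version string is returned verbatim. */
    static final class VulnerableBadge {
        private final String releaseVersion;

        VulnerableBadge(String releaseVersion) {
            this.releaseVersion = Objects.requireNonNull(releaseVersion);
        }

        String getReleaseVersion() {
            return releaseVersion;
        }
    }

    /** Fixed shape: the getter escapes before the value can be rendered, mirroring the patch. */
    static final class FixedBadge {
        private final String releaseVersion;

        FixedBadge(String releaseVersion) {
            this.releaseVersion = Objects.requireNonNull(releaseVersion);
        }

        String getReleaseVersion() {
            return xmlEscape(releaseVersion);
        }
    }

    /** Stand-in (hypothetical) for a view that builds the badge tooltip by string concatenation. */
    static String renderTooltip(String version) {
        return "<img class=\"icon-sm\" src=\"release.png\" tooltip=\"Release " + version + "\"/>";
    }

    public static void main(String[] args) {
        // Constructed payload: a release version a user with Release/Release permission could enter.
        String payload = "1.0<img src=x onerror=alert(document.domain)>";

        // Vulnerable: the <img ...> lands in the page unencoded and the onerror handler runs.
        System.out.println("vulnerable: " + renderTooltip(new VulnerableBadge(payload).getReleaseVersion()));
        // Fixed: the angle brackets become &lt; and &gt;, so the browser renders text, not markup.
        System.out.println("fixed:      " + renderTooltip(new FixedBadge(payload).getReleaseVersion()));

        // Caveat: xmlEscape() leaves quotes untouched. It is sufficient where the surrounding
        // template escapes attribute values itself, but with hand-built markup like renderTooltip()
        // a value such as  1.0" onmouseover="alert(1)  still breaks out of the attribute.
        // Escaping must match the output context (attribute vs. element text).
        String quotePayload = "1.0\" onmouseover=\"alert(1)";
        System.out.println("fixed, quotes: " + renderTooltip(new FixedBadge(quotePayload).getReleaseVersion()));
    }
}
```

Compile and run with `javac ReleaseBadgeXssExample.java && java ReleaseBadgeXssExample`. The two payloads show why the single-line fix closes the reported issue while also illustrating the check a reviewer should make when auditing similar getters: confirm which characters the chosen escaper covers and in which markup context the template places the value.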


WAF Protection Rules

WAF Rule

Jenkins Release Plugin 2.10.2 and earlier does not escape the release version in badge tooltip, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Release/Release permission.
