8.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-41239

GHSA ID

GHSA-q9g4-9fx4-v533

EPSS Score

0.93384%

CWE

CWE-79

Published

9/22/2022

Updated

1/31/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2022-41239

CVE-2022-41239: Stored XSS vulnerability in Jenkins DotCi Plugin

DotCi Plugin 2.40.00 and earlier does not escape the GitHub user name parameter provided to commit notifications when displaying them in a build cause.

This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to submit crafted commit notifications to the /githook/ endpoint (see also SECURITY-2867).

This vulnerability is only exploitable in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier. See the LTS upgrade guide.

(GitHub Advisory)

8.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-41239

GHSA ID

GHSA-q9g4-9fx4-v533

EPSS Score

0.93384%

CWE

CWE-79

Published

9/22/2022

Updated

1/31/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
com.groupon.jenkins-ci.plugins:DotCi	maven	<= 2.40.00

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from unescaped GitHub user names in build cause displays. Jenkins plugins typically use the getShortDescription() method in Cause subclasses to generate UI messages. Since the advisory explicitly states the user name isn't escaped during display, this method is the logical point where raw user input is incorporated into HTML without sanitization. The stored XSS occurs when this unescaped value is rendered in the UI. While the exact code isn't visible, this pattern matches Jenkins plugin architecture and the described vulnerability mechanism.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*ot*i Plu*in *.**.** *n* **rli*r *o*s not *s**p* t** *it*u* us*r n*m* p*r*m*t*r provi*** to *ommit noti*i**tions w**n *ispl*yin* t**m in * *uil* **us*. T*is r*sults in * stor** *ross-sit* s*riptin* (XSS) vuln*r**ility *xploit**l* *y *tt**k*rs **l* t

Reasoning

T** vuln*r**ility st*ms *rom un*s**p** *it*u* us*r n*m*s in *uil* **us* *ispl*ys. J*nkins plu*ins typi**lly us* t** **tS*ort**s*ription() m*t*o* in **us* su**l*ss*s to **n*r*t* UI m*ss***s. Sin** t** **visory *xpli*itly st*t*s t** us*r n*m* isn't *s*

8.8

Basic Information

Concerned about an active attack path?

CVE-2022-41239: Stored XSS vulnerability in Jenkins DotCi Plugin

8.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI