CVE-2022-41239: Stored XSS vulnerability in Jenkins DotCi Plugin
CVSS Score: 8.8 (CVSS 3.1)
Basic Information
CVE ID
GHSA ID
EPSS Score: 0.93384%
CWE
Published: 9/22/2022
Updated: 1/31/2023
KEV Status: No
Technology: Java
Technical Details
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| com.groupon.jenkins-ci.plugins:DotCi | maven | <= 2.40.00 | |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from unescaped GitHub user names in build cause displays. Jenkins plugins typically use the getShortDescription() method in Cause subclasses to generate UI messages. Since the advisory explicitly states the user name isn't escaped during display, this method is the logical point where raw user input is incorporated into HTML without sanitization. The stored XSS occurs when this unescaped value is rendered in the UI. While the exact code isn't visible, this pattern matches Jenkins plugin architecture and the described vulnerability mechanism.
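The pattern this analysis describes, shown beside its hardened form, as an added example that is not DotCi source code or code from the advisory. The interface stands in for `hudson.model.Cause`; the class names, message text and sample user name are hypothetical.

```java
// Added illustration, not DotCi source: all class names here are hypothetical.
public class BuildCauseEscapingDemo {

    // Stand-in for the getShortDescription() contract of hudson.model.Cause.
    interface DescribedCause { String getShortDescription(); }

    // Pattern the analysis describes: externally supplied name concatenated as-is.
    static final class RawPushCause implements DescribedCause {
        private final String pusher;
        RawPushCause(String pusher) { this.pusher = pusher; }
        public String getShortDescription() { return "Started by GitHub push by " + pusher; }
    }

    // Hardened form: encode the name for HTML before it joins the message.
    static final class EscapedPushCause implements DescribedCause {
        private final String pusher;
        EscapedPushCause(String pusher) { this.pusher = pusher; }
        public String getShortDescription() { return "Started by GitHub push by " + escapeHtml(pusher); }
    }

    // Minimal encoder for HTML text and quoted attributes; in a real plugin use
    // hudson.Util.escape or an escape-by-default Jelly view instead.
    static String escapeHtml(String s) {
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Models a view that writes the description into the page without further encoding.
    static String renderCauseRow(DescribedCause cause) {
        return "<li class=\"cause\">" + cause.getShortDescription() + "</li>";
    }

    public static void main(String[] args) {
        String constructedName = "mallory<b>bold</b>&co"; // constructed sample, harmless markup
        String raw = renderCauseRow(new RawPushCause(constructedName));
        String safe = renderCauseRow(new EscapedPushCause(constructedName));
        System.out.println(raw);   // markup from the name becomes part of the page
        System.out.println(safe);  // the name is shown as literal text
        if (safe.contains("<b>") || !raw.contains("<b>")) throw new AssertionError("unexpected rendering");
    }
}
```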