CVE-2020-2223
Published 2020-07-15
Priority P4 · 23 · medium · 5.4 (CVSS 3.1)
Vector: AV:N / AC:L / PR:L / UI:R / S:C / C:L / I:L / A:N
EPSS
1.03%
59.4th percentile
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape correctly the 'href' attribute of links to downstream jobs displayed in the build console page, resulting in a stored cross-site scripting vulnerability.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | deployer_framework_plugin | — | — |
| jenkins | gitlab_authentication_plugin | — | — |
| jenkins | jenkins | <= 2.235.1 (LTS) | 2.235.2 |
| jenkins | jenkins | <= 2.244 (weekly) | 2.245 |
| jenkins | jenkins_core | — | — |
| jenkins | jenkins_lts | — | 2.235.2 |
| jenkins | jenkins_weekly | — | 2.245 |
| jenkins | matrix_authorization_strategy_plugin | — | — |
| jenkins | matrix_project_plugin | — | — |
| jenkins_project | jenkins | unspecified – 2.244 | 2.245 |
An eleventh range, github.com/vapor/vapor >= 4.0.0-rc.2.5 < 4.29.4 (fixed in 4.29.4), is omitted: it belongs to CVE-2020-15230 in the Swift Vapor framework and was attached to this CVE only because that bug was introduced in vapor pull request #2223. The four plugin rows come from the Jenkins advisory of 2020-07-15, which covers several CVEs; CVE-2020-2223 itself affects Jenkins core only, and Jenkins 2.245 / LTS 2.235.2 fix it.
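The affected ranges above are easy to misapply because Jenkins ships two release lines with different version shapes: weekly releases have two components (2.244) and LTS releases have three (2.235.1), so weekly 2.240 is affected even though it is numerically above LTS 2.235.1, and LTS 2.263.1 is fixed even though it is above 2.244. The following is an added example, not code from the page or from the Jenkins project: it classifies a version string against the cut-offs the advisory gives and applies that to a constructed set of HTTP response headers (Jenkins reports its version in the X-Jenkins header; the host names and header blocks are made up).

```python
"""Added example (not from the page or the Jenkins project): decide whether a
Jenkins instance is in the CVE-2020-2223 affected range from its version string.
The only facts taken from the advisory are the cut-offs: weekly <= 2.244 and
LTS <= 2.235.1 are affected; 2.245 and 2.235.2 are fixed."""

import re

LAST_AFFECTED_WEEKLY = (2, 244)
LAST_AFFECTED_LTS = (2, 235, 1)


def parse_jenkins_version(version: str) -> tuple:
    """Return the numeric components of a Jenkins version.

    Weekly releases have two components (2.244); LTS releases have three
    (2.235.1). Anything after a '-' (e.g. '-SNAPSHOT') is ignored.
    """
    core = version.strip().split("-", 1)[0]
    parts = tuple(int(p) for p in core.split("."))
    if len(parts) not in (2, 3):
        raise ValueError(f"unrecognised Jenkins version: {version!r}")
    return parts


def is_affected(version: str) -> bool:
    """True if the version is vulnerable to CVE-2020-2223.

    The weekly and LTS lines are compared separately: comparing every
    version against a single cut-off would misclassify one of the two lines.
    """
    parts = parse_jenkins_version(version)
    if len(parts) == 3:
        return parts <= LAST_AFFECTED_LTS
    return parts <= LAST_AFFECTED_WEEKLY


# Constructed sample: response headers as a Jenkins controller returns them.
# The X-Jenkins header is real; the host names and header blocks are made up.
SAMPLE_HEADERS = {
    "ci-a.example.internal": "HTTP/1.1 403 Forbidden\r\nX-Jenkins: 2.235.1\r\nX-Jenkins-Session: abc\r\n\r\n",
    "ci-b.example.internal": "HTTP/1.1 200 OK\r\nX-Jenkins: 2.244\r\n\r\n",
    "ci-c.example.internal": "HTTP/1.1 200 OK\r\nX-Jenkins: 2.235.2\r\n\r\n",
    "ci-d.example.internal": "HTTP/1.1 200 OK\r\nServer: nginx\r\n\r\n",
}


def version_from_headers(raw: str):
    """Extract the X-Jenkins header value, or None if the header is absent.
    The colon in the pattern keeps X-Jenkins-Session from matching."""
    m = re.search(r"^X-Jenkins:\s*(\S+)\s*$", raw, re.IGNORECASE | re.MULTILINE)
    return m.group(1) if m else None


def triage(headers_by_host: dict) -> dict:
    """Map host -> 'affected' / 'fixed' / 'unknown'."""
    result = {}
    for host, raw in headers_by_host.items():
        v = version_from_headers(raw)
        if v is None:
            result[host] = "unknown"
        else:
            result[host] = "affected" if is_affected(v) else "fixed"
    return result


if __name__ == "__main__":
    for host, status in triage(SAMPLE_HEADERS).items():
        print(f"{host}: {status}")
```

A host that hides the X-Jenkins header (for example behind a reverse proxy that strips it) comes back as unknown rather than fixed; treat that as "check the controller's About page", not as a pass.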
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | CVSS 3.1 | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
| NVD | CVSS 2.0 | 3.5 | LOW | AV:N/AC:M/Au:S/C:N/I:P/A:N |
| Red Hat (vendor) | — | 5.4 | MEDIUM | — |
GHSA
Arbitrary file read using percent-encoded relative paths in FileMiddleware
ghsa·2023-06-09
CVE-2020-15230 [MEDIUM] CWE-22 Arbitrary file read using percent-encoded relative paths in FileMiddleware
NOTE: this advisory describes a different vulnerability (CVE-2020-15230 in the Swift Vapor framework). It is attached to this page only because the bug was introduced in vapor pull request #2223, which matches the number in CVE-2020-2223; it has nothing to do with Jenkins.
### Impact
Attackers can access data at arbitrary filesystem paths on the same host as an application using `FileMiddleware`.
### Patches
Version [4.29.4](https://github.com/vapor/vapor/releases/tag/4.29.4)
### Workarounds
Upgrade to 4.29.4 or later, or disable `FileMiddleware`.
### References
* Introduced in https://github.com/vapor/vapor/pull/2223
* Fixed by https://github.com/vapor/vapor/pull/2500
### For more information
If you have any questions or comments about this advisory:
* Open [an issue](https://github.com/vapor/vapor/issues)
* Email us at [[email protected]](mailto:[email protected])
GHSA
Stored XSS vulnerability in Jenkins console links
ghsa·2022-05-24
CVE-2020-2223 [HIGH] CWE-79 Stored XSS vulnerability in Jenkins console links
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the `href` attribute of links to downstream jobs displayed in the build console page. This results in a stored cross-site scripting (XSS) vulnerability exploitable by users with Job/Configure permission.
Jenkins 2.245, LTS 2.235.2 escapes the `href` attribute of these links.
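The description above names the sink (the `href` attribute of a downstream-job link) and the trust boundary (anyone with Job/Configure controls the value that lands in it). The following added example, which is not Jenkins code, shows the defect pattern in a simplified stand-in for the view that builds those links: the visible link text is escaped but the attribute value is not, so a double quote in the job name terminates the attribute and whatever follows becomes a new attribute. The job name and payload are constructed; the hardened variant escapes in attribute context, which is what the 2.245 / 2.235.2 fix amounts to.

```python
"""Added example (not Jenkins code): why an unescaped href is a stored XSS
sink and what attribute-context escaping changes. The rendering functions
are a simplified stand-in for the view that builds downstream-job links on
the console page; the job name below is constructed."""

import html
from html.parser import HTMLParser

# Constructed sample. Whoever can create or reconfigure jobs controls the
# string that ends up in the link; this one closes the href attribute early
# and opens an event-handler attribute.
MALICIOUS_JOB_NAME = 'deploy" onmouseover="alert(document.domain)'


def render_link_vulnerable(job_name: str) -> str:
    """Pre-fix pattern: the href is built by concatenation. The visible
    text is escaped, but the attribute value is not, so a double quote in
    the job name terminates the attribute."""
    return f'<a href="/job/{job_name}/">{html.escape(job_name)}</a>'


def render_link_fixed(job_name: str) -> str:
    """Fixed pattern: escape in attribute context. html.escape(quote=True)
    turns '"' into &quot; and "'" into &#x27;, so the value can no longer
    break out of the quoted attribute."""
    href = html.escape(f"/job/{job_name}/", quote=True)
    return f'<a href="{href}">{html.escape(job_name)}</a>'


class _AnchorAttrs(HTMLParser):
    """Collect the attribute names a browser would see on the <a> element."""

    def __init__(self) -> None:
        super().__init__()
        self.names: list = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.names.extend(name for name, _ in attrs)


def anchor_attribute_names(markup: str) -> list:
    parser = _AnchorAttrs()
    parser.feed(markup)
    parser.close()
    return parser.names


def has_event_handler(markup: str) -> bool:
    """True if the anchor carries an on* attribute, i.e. attacker script."""
    return any(n.startswith("on") for n in anchor_attribute_names(markup))


if __name__ == "__main__":
    for label, render in (("vulnerable", render_link_vulnerable),
                          ("fixed", render_link_fixed)):
        out = render(MALICIOUS_JOB_NAME)
        print(label, anchor_attribute_names(out), "script:", has_event_handler(out))
        print("  ", out)
```

Two caveats worth keeping in mind when reviewing similar code. Attribute escaping is the right fix here because the `/job/` prefix pins the URL to a relative path; if the attacker controlled the whole href, escaping alone would still allow a `javascript:` URL and the value would also need scheme validation. And the parser check above is the useful assertion to write in a regression test: asserting that the output contains `&quot;` proves little, while asserting that the anchor has exactly one attribute proves the breakout is gone.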
OSV
Stored XSS vulnerability in Jenkins console links
osv·2022-05-24
CVE-2020-2223 [HIGH] Stored XSS vulnerability in Jenkins console links
Text identical to the GHSA entry above.
Jenkins
Jenkins Security Advisory 2020-07-15
vendor_jenkins·2020-07-15·CVSS 5.4
CVE-2020-2220 [MEDIUM] Jenkins Security Advisory 2020-07-15 (the advisory covers several CVEs, CVE-2020-2223 among them)
This advisory announces vulnerabilities in the following Jenkins deliverables:
* Jenkins (core)
* Deployer Framework Plugin
* GitLab Authentication Plugin
* Matrix Authorization Strategy Plugin
* Matrix Project Plugin
Descriptions
Stored XSS vulnerability in jo
Red Hat
jenkins: Stored XSS vulnerability in console links
vendor_redhat·2020-07-15·CVSS 5.4
CVE-2020-2223 [MEDIUM] CWE-79 jenkins: Stored XSS vulnerability in console links
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape correctly the 'href' attribute of links to downstream jobs displayed in the build console page, resulting in a stored cross-site scripting vulnerability.
A flaw was found in Jenkins versions 2.244 and prior and in LTS 2.235.1 and prior. The href attribute of links to downstream jobs is not escaped on build console pages, which leads to a stored cross-site scripting (XSS) vulnerability. Exploitation requires the Job/Configure permission (Red Hat's text says Agent/Configure, but the Jenkins advisory and the GHSA/OSV entries specify Job/Configure). The threat from this vulnerability is to data confidentiality and integrity; the CVSS vector rates the availability impact as none.
No detection rules found.
Bugzilla
CVE-2020-2223 jenkins: Stored XSS vulnerability in console links
bugzilla·2020-07-15·CVSS 5.4
CVE-2020-2223 [MEDIUM] CVE-2020-2223 jenkins: Stored XSS vulnerability in console links
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the href attribute of links to downstream jobs displayed in the build console page. This results in a stored cross-site scripting (XSS) vulnerability exploitable by users with Job/Configure permission.
References:
https://www.jenkins.io/security/advisory/2020-07-15/
Discussion:
Created jenkins tracking bugs for this issue:
Affects: fedora-all [bug 1857434]
---
This issue has been addressed in the following products:
Red Hat OpenShift Container Platform 4.5
Via RHSA-2020:3519 https://access.redhat.com/errata/RHSA-2020:3519
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redhat
Bugzilla
CVE-2020-2223 jenkins: Stored XSS vulnerability in console links [fedora-all]
bugzilla·2020-07-15·CVSS 5.4
CVE-2020-2223 [MEDIUM] CVE-2020-2223 jenkins: Stored XSS vulnerability in console links [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions
2020-07-15
Published