CVE-2022-41224
Published 2022-09-21
Priority: P4
CVSS 3.1: 5.4 (medium), vector AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.87% (54.1 percentile)
Jenkins 2.367 through 2.369 (both inclusive) does not escape tooltips of the l:helpIcon UI component used for some help icons on the Jenkins web UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control tooltips for this component.
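To see what the description means in practice, here is an added example in Python (not Jenkins project code, whose views are Jelly and Java): it models an HTML-attribute tooltip sink with and without escaping, and audits constructed Jelly snippets for `l:helpIcon` elements whose `tooltip` attribute is bound to a dynamic expression, which is the check you would run over a plugin's views to decide whether this CVE is reachable there. The sample views, the `audit_*` and `render_*` names and the rendered `<span>` markup are assumptions of the example, not Jenkins' real template.

```python
"""Added example (not Jenkins project code): models the l:helpIcon tooltip
sink and audits Jelly views for helpIcon tooltips bound to dynamic
expressions. The Jelly snippets are constructed; the rendered markup is a
stand-in for Jenkins' real template, not a copy of it."""
import html
import re
import xml.etree.ElementTree as ET

# l:helpIcon resolves to this qualified tag under the standard
# xmlns:l="/lib/layout" declaration used in Jenkins Jelly views.
HELP_ICON_TAG = "{/lib/layout}helpIcon"
EXPR = re.compile(r"\$\{([^}]*)\}")

# Constructed sample views; none is taken from a real plugin.
SAMPLE_VIEWS = {
    "static.jelly": (
        '<j:jelly xmlns:j="jelly:core" xmlns:l="/lib/layout">'
        '<l:helpIcon tooltip="${%Help for this field}"/>'
        '<l:help href="/plugin/example/help-field.html"/>'
        "</j:jelly>"
    ),
    "dynamic.jelly": (
        '<j:jelly xmlns:j="jelly:core" xmlns:l="/lib/layout">'
        '<l:helpIcon tooltip="${it.helpText}"/>'
        "</j:jelly>"
    ),
    "args.jelly": (
        '<j:jelly xmlns:j="jelly:core" xmlns:l="/lib/layout">'
        '<l:helpIcon tooltip="${%Help(instance.displayName)}"/>'
        "</j:jelly>"
    ),
}


def dynamic_expressions(attr_value):
    """Return the ${...} expressions in a Jelly attribute value that are not
    plain resource-bundle lookups. ${%key} reads a fixed string from
    Messages.properties; anything else, including ${%key(arg)} whose
    argument is evaluated at render time, may carry job, build or user data."""
    found = []
    for expr in EXPR.findall(attr_value):
        expr = expr.strip()
        if expr.startswith("%") and "(" not in expr:
            continue
        found.append(expr)
    return found


def audit_jelly(name, text):
    """Return (view, tooltip, expressions) for every l:helpIcon whose
    tooltip contains a dynamic expression. l:help, the far more common
    component, is a different tag and is not reported."""
    findings = []
    for el in ET.fromstring(text).iter(HELP_ICON_TAG):
        tooltip = el.get("tooltip")
        if tooltip is None:
            continue
        exprs = dynamic_expressions(tooltip)
        if exprs:
            findings.append((name, tooltip, exprs))
    return findings


def audit_all(views=SAMPLE_VIEWS):
    """Run audit_jelly over a mapping of view name to Jelly source."""
    return [f for name, text in views.items() for f in audit_jelly(name, text)]


def render_help_icon_unescaped(tooltip):
    """Stand-in for the unescaped rendering the advisory describes: the
    tooltip lands in an HTML attribute verbatim (assumed markup)."""
    return '<span class="help-icon" title="%s"></span>' % tooltip


def render_help_icon_escaped(tooltip):
    """Attribute-escaped rendering: quotes, angle brackets and ampersands
    become entities, so the value cannot close the attribute or the tag."""
    return '<span class="help-icon" title="%s"></span>' % html.escape(tooltip, quote=True)


if __name__ == "__main__":
    for finding in audit_all():
        print("dynamic helpIcon tooltip:", finding)
    payload = '" onmouseover="alert(document.domain)'
    print(render_help_icon_unescaped(payload))
    print(render_help_icon_escaped(payload))
```

Running the audit against a real plugin means pointing `audit_jelly` at each `*.jelly` under `src/main/resources`; a finding is only exploitable if the flagged expression can actually be set by a lower-privileged user, which is the condition the advisory puts on this CVE.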
Affected (24 ranges)
Only the Jenkins core rows carry a version range and describe this CVE: weekly 2.367 through 2.369, fixed in 2.370. The plugin rows have no range and are carried over from the combined Jenkins Security Advisory 2022-09-21, which lists many plugins alongside core (see below); several rows are fragments of advisory text rather than product names. Jenkins LTS is not affected (see the Red Hat statement below).
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | anchore_container_image_scanner_plugin | — | — |
| jenkins | apprenda_plugin | — | — |
| jenkins | bigpanda_notifier_plugin | — | — |
| jenkins | bmc_ami_common_configuration_plugin | — | — |
| jenkins | cons3rt_plugin | — | — |
| jenkins | dotci_plugin | — | — |
| jenkins | jenkins | >= 2.367 < 2.370 | 2.370 |
| jenkins | jenkins_core | — | — |
| jenkins | jenkins_weekly | — | — |
| jenkins | lack_of_authentication_mechanism_in_dotci_plugin | — | — |
| jenkins | ns-nd_integration_performance_publisher_plugin | — | — |
| jenkins | rqm_plugin | — | — |
| jenkins | rundeck_plugin | — | — |
| jenkins | scm_httpclient_plugin | — | — |
| jenkins | security_inspector_plugin | — | — |
| jenkins | smalltest_plugin | — | — |
| jenkins | this_could_create_confusion_in_users_of_the_plugin | — | — |
| jenkins | urls_of_jenkins_servers_that_the_plugin | — | — |
| jenkins | view26_test-reporting_plugin | — | — |
| jenkins | walti_plugin | — | — |
| jenkins | wildfly_deployer_plugin | — | — |
| jenkins | worksoft_execution_manager_plugin | — | — |
| jenkins_project | jenkins | >= 2.367 | — |
| jenkins_project | jenkins | <= 2.369 | — |
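Reading the range in practice: only weekly 2.367 through 2.369 is affected, and LTS (three-component versions) is not, as the Red Hat statement below says. The following added Python example (not Jenkins project code) turns that into a check over the version an instance reports in its `X-Jenkins` response header; the HTTP response, and the `triage`, `is_affected` and `version_from_response` names, are constructed for the example.

```python
"""Added example (not Jenkins project code): decide from a Jenkins version
string whether an instance is in the affected weekly range. The HTTP
response below is constructed; only the X-Jenkins header matters."""
import re

AFFECTED_WEEKLY = (367, 369)   # weekly 2.367 through 2.369, both inclusive
FIXED_WEEKLY = 370             # first weekly release with the fix
VERSION = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?")

# Constructed response: Jenkins typically reports its version in X-Jenkins
# even on the 403 an anonymous client gets without Overall/Read.
SAMPLE_RESPONSE = (
    "HTTP/1.1 403 Forbidden\r\n"
    "X-Jenkins: 2.368\r\n"
    "X-Jenkins-Session: 0123abcd\r\n"
    "Content-Type: text/html;charset=utf-8\r\n"
    "\r\n"
    "<html>...</html>"
)


def parse_version(version):
    """Split '2.368' or '2.361.1' into (major, minor, patch-or-None).
    Trailing suffixes such as '-SNAPSHOT' are ignored."""
    m = VERSION.match(version.strip())
    if not m:
        raise ValueError("not a Jenkins version: %r" % version)
    major, minor, patch = m.groups()
    return int(major), int(minor), (None if patch is None else int(patch))


def is_affected(version):
    """True only for weekly 2.367, 2.368 and 2.369. Three-component
    versions are the LTS line, which the Red Hat statement on this page
    notes is not affected, so they are never flagged."""
    major, minor, patch = parse_version(version)
    if major != 2 or patch is not None:
        return False
    return AFFECTED_WEEKLY[0] <= minor <= AFFECTED_WEEKLY[1]


def version_from_response(raw):
    """Return the X-Jenkins header value from a raw HTTP response, or None."""
    head = raw.split("\r\n\r\n", 1)[0]
    for line in head.split("\r\n")[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "x-jenkins":
            return value.strip()
    return None


def triage(raw):
    """(version, affected) for one captured response; (None, False) when
    the server did not identify itself."""
    version = version_from_response(raw)
    if version is None:
        return None, False
    return version, is_affected(version)


if __name__ == "__main__":
    print(triage(SAMPLE_RESPONSE))
    for v in ("2.366", "2.367", "2.369", "2.370", "2.361.1", "2.375.1"):
        print(v, "affected" if is_affected(v) else "not affected")
```

A version in range only means the unescaped component is present; whether anything exploitable is reachable still depends on an installed plugin exposing `l:helpIcon` with a user-controllable tooltip, which the advisory notes it had not found at publication.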
CVSS provenance
| Source | Score | Severity | Vector |
|---|---|---|---|
| NVD (v3.1) | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
| Red Hat (vendor) | 5.4 | MEDIUM | — |
OSV
osv · 2022-09-22 · severity HIGH
Jenkins vulnerable to stored cross-site scripting in the l:helpIcon component
Jenkins 2.367 through 2.369 (both inclusive) does not escape tooltips of the `l:helpIcon` UI component used for some help icons on the Jenkins web UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control tooltips for this component.
As of publication, the Jenkins security team is unaware of any exploitable help icon/tooltip in Jenkins core or plugins published by the Jenkins project. The vast majority of help icons use the `l:help` component instead of `l:helpIcon`. The few known instances of `l:helpIcon` do not have user-controllable tooltip contents.
GHSA
ghsa · 2022-09-22 · severity HIGH · CWE-79
Jenkins vulnerable to stored cross-site scripting in the l:helpIcon component (same advisory text as the OSV entry above).
Jenkins
vendor_jenkins · 2022-09-21 · CVSS 5.4 MEDIUM
Jenkins Security Advisory 2022-09-21
This advisory announces vulnerabilities in the following Jenkins deliverables (excerpt):
- Jenkins (core)
- Anchore Container Image Scanner Plugin
- Apprenda Plugin
- BigPanda Notifier Plugin
- BMC AMI Common Configuration Plugin
- build-publisher Plugin
- CONS3RT Plugin
Red Hat
vendor_redhat · 2022-09-21 · CVSS 5.4 MEDIUM · CWE-79
Jenkins: stored XSS in Jenkins
A flaw was found in the Jenkins package. Jenkins does not escape tooltips of the l:helpIcon UI component used for some help icons on the Jenkins web UI. This issue results in a stored cross-site scripting (XSS) vulnerability, exploitable by attackers able to control tooltips for this component.
Statement: This vulnerability affects Jenkins versions 2.367 through 2.369 (both inclusive). Red Hat products use Jenkins LTS, which is NOT affected by this vulnerability.
Package: jenkins
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.