cbcvebase.
CVE-2023-27898
published 2023-03-10


Priority: P343
Severity: critical (CVSS 3.1 base score 9.6)
CVSS vector: AV:N / AC:L / PR:N / UI:R / S:C / C:H / I:H / A:H
EPSS: 1.84% (76.3rd percentile)
Jenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 through 2.375.3 (both inclusive) does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.

Affected

17 ranges

Vendor          | Product                                                      | Version range          | Fixed in
jenkins         | due_to_how_jenkins_community_update_sites_serve_plugin       |                        |
jenkins         | jenkins                                                      | >= 2.270 < 2.394       | 2.394
jenkins         | jenkins                                                      | >= 2.277.1 < 2.375.4   | 2.375.4
jenkins         | jenkins_community_update_sites_no_longer_publish_plugin      |                        |
jenkins         | jenkins_core                                                 |                        |
jenkins         | jenkins_core_version_on_plugin                               |                        |
jenkins         | jenkins_creates_a_temporary_file_when_a_plugin               |                        |
jenkins         | jenkins_in_the_plugin                                        |                        |
jenkins         | jenkins_lts                                                  |                        |
jenkins         | jenkins_project_has_distributed_a_single_plugin              |                        |
jenkins         | jenkins_security_team_has_confirmed_that_no_plugin           |                        |
jenkins         | jenkins_version_a_plugin                                     |                        |
jenkins         | jenkins_weekly                                               |                        |
jenkins         | lts_2.387.1_escapes_the_jenkins_version_a_plugin             |                        |
jenkins         | no_other_plugin                                              |                        |
jenkins         | this_version_is_taken_from_plugin                            |                        |
jenkins_project | jenkins                                                      | >= 2.270 < 2.*         | 2.*

CVSS provenance

Source        | Version | Score | Severity | Vector
nvd           | v3.1    | 9.6   | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
vendor_redhat |         | 9.6   | CRITICAL |