[JENKINS:SECURITY-2869] Stored XSS vulnerability in `checkmarx`

Severity High

Affected Packages 2

Fixed Packages 2

CVEs 1

checkmarx processes Checkmarx service API responses and generates HTML reports from them for rendering on the Jenkins UI.

checkmarx 2022.3.3 and earlier does not escape values returned from the Checkmarx service API before inserting them into HTML reports.
This results in a stored cross-site scripting (XSS) vulnerability.

NOTE: While Jenkins users without Overall/Administer permission are not allowed to configure the URL to the Checkmarx service, this could still be exploited via man-in-the-middle attacks.

checkmarx 2022.4.3 escapes values returned from the Checkmarx service API before inserting them into HTML reports.

Package	Affected Version
pkg:maven/org.jenkins-ci.plugins/checkmarx	<= 2022.3.3
pkg:github/jenkinsci/checkmarx-plugin	<= 2022.3.3

Package	Fixed Version
pkg:maven/org.jenkins-ci.plugins/checkmarx	= 2022.4.3
pkg:github/jenkinsci/checkmarx-plugin	= 2022.4.3

ID

JENKINS:SECURITY-2869

Severity

high

Published

2022-12-07T00:00:00
(21 months ago)

Modified

2022-12-07T00:00:00
(21 months ago)

Rights

Jenkins Security Team

Other Advisories

MAVEN:GHSA-P86X-75J8-W4XH

Source	# ID	Name	URL
Plugin repository		checkmarx repository	https://github.com/jenkinsci/checkmarx-plugin

Type	Package URL	Namespace	Name / Product	Version
Affected	pkg:maven/org.jenkins-ci.plugins/checkmarx	org.jenkins-ci.plugins	checkmarx	<= 2022.3.3
Fixed	pkg:maven/org.jenkins-ci.plugins/checkmarx	org.jenkins-ci.plugins	checkmarx	= 2022.4.3
Affected	pkg:github/jenkinsci/checkmarx-plugin	jenkinsci	checkmarx-plugin	<= 2022.3.3
Fixed	pkg:github/jenkinsci/checkmarx-plugin	jenkinsci	checkmarx-plugin	= 2022.4.3

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date