[JENKINS:SECURITY-2884] Stored XSS vulnerability in `DotCi`

Severity High
Affected Packages 2
CVEs 1

DotCi 2.40.00 and earlier does not escape the GitHub user name parameter provided to commit notifications when displaying them in a build cause.

This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to submit crafted commit notifications to the /githook/ endpoint (see also SECURITY-2867).

NOTE: This vulnerability is only exploitable in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier.
See the LTS upgrade guide (/doc/upgrade-guide/2.303/#SECURITY-2452).

As of publication of this advisory, there is no fix.
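As an added example (not DotCi's or Jenkins' own code), the following Python simulates the flow the advisory describes: a crafted user name arrives in a commit notification at /githook/, is stored as the build cause text, and is later rendered into the build page without escaping. The payload is constructed for this example, and the `pusher.name` field path and the "Started by GitHub push by" wording are assumptions; the advisory does not say which field or template DotCi uses.

```python
"""Added example (not DotCi code): how an unescaped webhook user name becomes
stored XSS in a build cause, and two ways to neutralise it.

Assumptions: the plugin reads the name from the push event's ``pusher.name``
field and interpolates it into the cause text exactly as below.
"""
import html
import json
import re

# Constructed push-event payload; only the fields this example reads are present.
# The "name" value is the attacker-controlled parameter the advisory describes.
CRAFTED_PAYLOAD = json.dumps({
    "ref": "refs/heads/main",
    "pusher": {"name": "<img src=x onerror=alert(document.domain)>"},
})

# GitHub logins: 1-39 chars, alphanumerics and single hyphens, no leading or
# trailing hyphen.
GITHUB_LOGIN = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9]|-(?=[A-Za-z0-9])){0,38}$")


def pusher_name(payload: str) -> str:
    """Extract the user name from the /githook/ payload (field path assumed)."""
    return json.loads(payload)["pusher"]["name"]


def vulnerable_cause_html(name: str) -> str:
    """Vulnerable pattern: the stored cause text is emitted into HTML verbatim,
    so markup in the name runs in every viewer's browser on the build page."""
    return f"<div class='build-cause'>Started by GitHub push by {name}</div>"


def hardened_cause_html(name: str) -> str:
    """Hardened pattern: escape once, at the point where the text meets HTML.
    quote=True also encodes quotes, which matters if the value ever lands
    inside an attribute rather than element text."""
    escaped = html.escape(name, quote=True)
    return f"<div class='build-cause'>Started by GitHub push by {escaped}</div>"


def is_valid_github_login(name: str) -> bool:
    """Defence in depth at the /githook/ entry point: reject values that cannot
    be a GitHub login before they are stored at all."""
    return bool(GITHUB_LOGIN.match(name))


def contains_markup(text: str) -> bool:
    """Detection helper: flag stored cause text that contains a tag, e.g. when
    sweeping existing build records for already-poisoned causes."""
    return re.search(r"<\s*/?\s*[A-Za-z]", text) is not None


if __name__ == "__main__":
    name = pusher_name(CRAFTED_PAYLOAD)
    print("vulnerable:", vulnerable_cause_html(name))
    print("hardened:  ", hardened_cause_html(name))
    print("valid login?", is_valid_github_login(name), "| octocat:", is_valid_github_login("octocat"))
    print("markup in stored cause?", contains_markup(name))
```

Pick one escaping layer. The NOTE above ties exploitability to the Jenkins core version, which implies that newer cores neutralise the cause text themselves when rendering it; a plugin that additionally escapes at the source would then display entities literally on those cores. Rejecting names that are not well-formed GitHub logins at the /githook/ entry point, as `is_valid_github_login` does, is safe under either core version, and `contains_markup` can be run over the stored cause text of existing builds to find records that were poisoned before an upgrade.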

ID: JENKINS:SECURITY-2884
Severity: high
Published: 2022-09-21T00:00:00
Modified: 2022-09-21T00:00:00
Rights: Jenkins Security Team
Other Advisories
Source: Plugin repository | Name: DotCi repository | URL: https://github.com/jenkinsci/DotCi-plugin
Affected packages (no patch or fix is listed for either entry)
Type      Package URL                              Namespace               Name / Product  Version
Affected  pkg:maven/org.jenkins-ci.plugins/DotCi   org.jenkins-ci.plugins  DotCi           <= 2.40.00
Affected  pkg:github/jenkinsci/dotci-plugin        jenkinsci               dotci-plugin    <= 2.40.00