GHSA-whf8-3h58-2w9f
Suggest an improvement- Source
- https://github.com/advisories/GHSA-whf8-3h58-2w9f
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-whf8-3h58-2w9f/GHSA-whf8-3h58-2w9f.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-whf8-3h58-2w9f
- Aliases
- Published
- 2022-05-13T01:31:35Z
- Modified
- 2023-11-01T04:49:49.266973Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Jenkins Warnings Next Generation Plugin cross-site request forgery vulnerability
- Details
-
Jenkins Warnings Next Generation Plugin has a form validation HTTP endpoint used to validate a Groovy script through compilation, which was not subject to sandbox protection. The endpoint checked for the Overall/RunScripts permission, but did not require POST requests, so it was vulnerable to cross-site request forgery (CSRF). This allowed attackers to execute arbitrary code on the Jenkins controller by applying AST transforming annotations such as
@Grabto source code elements.The affected HTTP endpoint now applies a safe Groovy compiler configuration preventing the use of unsafe AST transforming annotations. Additionally, the form validation HTTP endpoint now requires that requests be sent via POST to prevent CSRF.
- Database specific
{ "nvd_published_at": "2019-02-06T16:29:00Z", "cwe_ids": [ "CWE-352" ], "severity": "HIGH", "github_reviewed_at": "2023-10-25T23:03:12Z", "github_reviewed": true }- References
Affected packages
Maven / io.jenkins.plugins:warnings-ng
Package
- Name
- io.jenkins.plugins:warnings-ng
- View open source insights on deps.dev
- Purl
- pkg:maven/io.jenkins.plugins/warnings-ng