Jenkins Multiple Plugins Vulnerabilities Advisory: XSS, SSRF, Sandbox Bypass, Session Hijacking

From this webpage screenshot, the following key information about the vulnerabilities can be obtained: 1. Vulnerability Descriptions: - Script Security Plugin: The plugin does not perform permission checks in its validation method, allowing attackers with Overall/Read permissions to check whether files exist in the controller's filesystem. - Pipeline: Groovy Plugin: The plugin does not check if the main script is approved before rebuilding, allowing attackers with Item/Build permissions to rebuild unapproved builds. - Pipeline: Declarative Plugin: The plugin does not check if the main script is approved before restarting, allowing attackers with Item/Build permissions to restart unapproved builds. - Authorize Project Plugin: The plugin evaluates strings containing JavaScript in the authorization view, leading to a stored cross-site scripting (XSS) vulnerability. - OpenID Connect Authentication Plugin: The plugin does not clear existing sessions during login, allowing attackers to gain admin privileges via social engineering. - IvyTrigger Plugin: The plugin allows attackers to control input files in the build trigger, resulting in an XML External Entity (XXE) parsing vulnerability. - Shared Library Version Override Plugin: The plugin improperly handles folder-level library overrides in configuration files, allowing attackers to bypass the script security sandbox. 2. Affected Versions: - Authorize Project Plugin: Versions 1.7.2 and earlier. - IvyTrigger Plugin: Versions 1.01 and earlier. - OpenID Connect Authentication Plugin: Versions 4.418.vccc7061f5b_6d and earlier. - Pipeline: Declarative Plugin: Versions 2.2214.vb_b_34b_2ea_9b_83 and earlier. - Pipeline: Groovy Plugin: Versions 3990.vd281dd77a_388 and earlier. - Script Security Plugin: Versions 1367.vdf2fc45f229c and earlier. - Shared Library Version Override Plugin: Versions 17.v786074c9fce7 and earlier. 3. Remediation: - Update the affected plugins to the latest versions to fix the vulnerabilities. 4. Credits: - Thank you to the individuals who reported these vulnerabilities, including Daniel Beck and Kevin Guerroudj. This information helps users identify which plugins are vulnerable and how to remediate the issues by updating to the latest versions.

Goal Reached Thanks to every supporter — we hit 100%!

Jenkins Multiple Plugins Vulnerabilities Advisory: XSS, SSRF, Sandbox Bypass, Session Hijacking