Jenkins Security Advisory: Sandbox Bypass and Stored XSS in Multiple Plugins (CVE-2020-2109 to 2113)

Critical Vulnerability Information Description Sandbox bypass via default method parameter expression in Pipeline: Groovy Plugin - CVE: CVE-2020-2109 - Severity: High - Affected Plugin: workflow-cps - Description: In Pipeline: Groovy Plugin versions 2.78 and earlier, sandbox protection can be bypassed through default method parameter expressions. Sandbox bypass vulnerability in Script Security Plugin - CVE: CVE-2020-2110 - Severity: High - Affected Plugin: script-security - Description: In Script Security Plugin versions 1.69 and earlier, sandbox protection can be bypassed via AST transformation comments. Stored XSS vulnerability in Subversion Plugin - CVE: CVE-2020-2111 - Severity: Medium - Affected Plugin: subversion - Description: Subversion Plugin versions 2.13.0 and earlier do not escape error messages in the project repository base URL field form validation. Multiple stored XSS vulnerabilities in Git Parameter Plugin - CVE: CVE-2020-2112 (parameter name), CVE-2020-2113 (default value) - Severity: Medium - Affected Plugin: git-parameter - Description: Git Parameter Plugin versions 0.9.11 and earlier do not properly escape parameter names or default values. Fixes Brakeman Plugin: Upgrade to version 0.13 FitNesse Plugin: Upgrade to version 1.31 Git Parameter Plugin: Upgrade to version 0.9.12 Google Kubernetes Engine Plugin: Upgrade to version 0.8.1 Microsoft Entra ID (previously Azure AD) Plugin: Upgrade to version 1.2.0 NUunit Plugin: Upgrade to version 0.26 Pipeline GitHub Notify Step Plugin: Upgrade to version 1.0.5 Pipeline: Groovy Plugin: Upgrade to version 2.79 RadarGun Plugin: Upgrade to version 1.8 S3 Publisher Plugin: Upgrade to version 0.11.5 Script Security Plugin: Upgrade to version 1.70 Subversion Plugin: Upgrade to version 2.13.1 Severity High: - SECURITY-812 (1) - SECURITY-1710 - SECURITY-1713 - SECURITY-1751 - SECURITY-1752 Medium: - SECURITY-812 (2) - SECURITY-1540 - SECURITY-1547 - SECURITY-1549 - SECURITY-1552 - SECURITY-1553 Affected Versions Applatix Plugin: up to and including 1.1 BMC Release Package and Deployment Plugin: up to and including 1.1 brakeman Plugin: up to and including 0.12 debian-package-builder Plugin: up to and including 1.6.11 DigitalOcean Plugin: up to and including 1.1 Dynamic Extended Choice Parameter Plugin: up to and including 1.0.1

Goal Reached Thanks to every supporter — we hit 100%!

Jenkins Security Advisory: Sandbox Bypass and Stored XSS in Multiple Plugins (CVE-2020-2109 to 2113)