# PoC CVE-2024-28157
Proof of Concept for CVE-2024-28157
### Overview
Jenkins **GitBucket** Plugin version 0.8 and earlier does not sanitize GitBucket
URLs on build views, resulting in a stored **cross-site scripting (XSS)** vulnerability
exploitable by attackers able to configure jobs.
### Exploitation Steps
#### Setup Jenkins (using docker):
1. Use Docker to run the Jenkins image.
```
docker run jenkins/jenkins:lts
```
2. Install the GitBucket Plugin from the GUI (the most recent version of this plugin is 0.8, which is vulnerable, so the exploit will work).
#### Exploit:
1. Go to New Item and create a new job. Select the item type (I went with a freestyle project in the demo).
2. In the job configuration, provide a simple XSS payload `javascript:alert('hello')` in the GitBucket URL field.
3. Save the configuration and open the GitBucket link. Observe the XSS execution.
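The root cause is that the plugin renders whatever string was configured as a link target, so a `javascript:` scheme ends up in an `href`. The following is an added defender-side example (not part of this PoC or of the plugin): an allow-list check that accepts only absolute `http`/`https` URLs, plus a scan of a job `config.xml` for offending values. It assumes the plugin stores the URL in a `<url>` child of its project-property element (the element name used in the constructed sample is an assumption).

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


def is_safe_gitbucket_url(value: str) -> bool:
    """Allow-list check: only absolute http(s) URLs may be rendered as links.

    Browsers drop leading whitespace and ASCII control characters and match
    the scheme case-insensitively, so normalise the same way before looking
    at the scheme. Anything else (javascript:, data:, vbscript:, a bare
    host without a scheme, an empty string) is rejected.
    """
    if value is None:
        return False
    cleaned = re.sub(r"[\x00-\x20\x7f]", "", value)
    parts = urlsplit(cleaned)
    return parts.scheme.lower() in ALLOWED_SCHEMES and bool(parts.netloc)


def find_unsafe_urls(config_xml: str):
    """Return (element_tag, value) for every <url> under a GitBucket-related
    property element that fails the allow-list. Useful for auditing existing
    jobs on an instance that still runs a vulnerable plugin version."""
    root = ET.fromstring(config_xml)
    findings = []
    for elem in root.iter():
        if "gitbucket" not in elem.tag.lower():
            continue
        for child in elem:
            if child.tag == "url" and not is_safe_gitbucket_url(child.text or ""):
                findings.append((elem.tag, child.text))
    return findings


# Constructed sample job config.xml carrying the payload from the steps above.
# The property class name is an assumption about the plugin's XML layout.
SAMPLE_CONFIG = """<?xml version='1.1' encoding='UTF-8'?>
<project>
  <properties>
    <org.jenkinsci.plugins.gitbucket.GitBucketProjectProperty>
      <url>javascript:alert('hello')</url>
      <linkEnabled>true</linkEnabled>
    </org.jenkinsci.plugins.gitbucket.GitBucketProjectProperty>
  </properties>
</project>"""

if __name__ == "__main__":
    for tag, value in find_unsafe_urls(SAMPLE_CONFIG):
        print(f"unsafe GitBucket URL in <{tag}>: {value!r}")
```

Run the scan over `$JENKINS_HOME/jobs/*/config.xml` to locate jobs that already carry a non-http(s) URL before upgrading the plugin.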
### Exploit Video
[jenkinsxxsexploit.webm](https://github.com/user-attachments/assets/fd2272e6-0d69-4ced-8ceb-531bfa2396f2)