HTTP: Jenkins Claim Plugin Stored Cross-Site Scripting

This signature detects attempts to exploit a known cross-site scripting vulnerability in Jenkins. The vulnerability is due to insufficient validation of user-supplied input. Attackers can steal cookie-based authentication credentials and launch other attacks.

Extended Description

Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers who are able to control the display names of Jenkins users, either via the security realm, or directly inside Jenkins.

Affected Products

Jenkins claim

Short Name
HTTP:XSS:JENKINS-CLAIM-SXSS
Severity
Warning
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2021-21619 CVE-2021-21667 CVE-2021-21668 Claim Cross-Site Jenkins Plugin Scripting Stored
Release Date
06/16/2021
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Rarely
Vendors

Jenkins

CVSS Score

3.5
