Bug 1670299 (CVE-2019-1003013) - CVE-2019-1003013 jenkins-plugin-blueocean: XSS vulnerability via user description in Blue Ocean (SECURITY-1204)
Summary: CVE-2019-1003013 jenkins-plugin-blueocean: XSS vulnerability via user descrip...
Keywords:
Status: NEW
Alias: CVE-2019-1003013
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1671469 1671470
Blocks: 1670285
TreeView+ depends on / blocked
 
Reported: 2019-01-29 08:00 UTC by Sam Fowler
Modified: 2019-09-29 15:06 UTC (History)
12 users (show)

Fixed In Version: jenkins-plugin-blueocean 1.10.2
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:


Attachments (Terms of Use)

Description Sam Fowler 2019-01-29 08:00:24 UTC
Jenkins Blue Ocean plugin before version 1.10.2 did not properly escape HTML/JavaScript content set on the current user’s description field, resulting in a cross-site scripting vulnerability exploitable by administrators and other people accessing Jenkins with the same user account.

Blue Ocean now properly escapes HTML/JavaScript content set on the current user’s description field.


External Reference:

https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1204

Upstream patches:

https://github.com/jenkinsci/blueocean-plugin/commit/62775e78532b756826bb237775b64a5052624b57

Comment 1 Paul Harvey 2019-02-04 06:29:26 UTC
openshift-enterprise 3.4-3.11 inclusive: affected

Once openshift3/jenkins-1-rhel7, openshift3/jenkins-2-rhel7, openshift3/jenkins-slave-base-rhel7 container images have been released with these fixes, users of all versions of openshift-enterprise-3.2+ are encouraged to update these container images in their environment.


Note You need to log in before you can comment on or make changes to this bug.