[<prev] [next>] [day] [month] [year] [list]
Message-ID: <78207313-46d3-941d-ecfd-71ccb353bce1@securify.nl>
Date: Fri, 14 Apr 2017 21:56:39 +0200
From: "Securify B.V." <lists@...urify.nl>
To: fulldisclosure@...lists.org
Subject: [FD] Persistent Cross-Site Scripting in Scriptler Jenkins Plugin
------------------------------------------------------------------------
Persistent Cross-Site Scripting in Scriptler Jenkins Plugin
------------------------------------------------------------------------
Burak Kelebek, April 2017
------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A Cross-Site Scripting vulnerability was found in the Scriptler Jenkins
plugin. This vulnerability allows an attacker to perform a wide variety
of actions, such as stealing Administrators' session tokens, or
performing arbitrary actions on their behalf. In order to exploit this
issue, an authenticated attacker has to inject arbitrary HTML in the
description of a Scriptler script and wait for an admin to visit the
script overview page. By combining this vulnerability with the reported
Cross-Site Request Forgery vulnerability it is possible for an
unauthenticated attacker to exploit this issue by luring an
authenticated administrator into visiting a specially crafted page.
------------------------------------------------------------------------
See also
------------------------------------------------------------------------
Jenkins Security Advisory 2017-04-10
------------------------------------------------------------------------
Tested versions
------------------------------------------------------------------------
This issue was successfully tested on Scriptler version 2.9.
------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
There is currently no fix available
------------------------------------------------------------------------
Details
------------------------------------------------------------------------
https://www.securify.nl/advisory/SFY20170406/persistent_cross_site_scripting_in_scriptler_jenkins_plugin.html
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists