GHSA-h7pf-h58r-mv93

Source

https://github.com/advisories/GHSA-h7pf-h58r-mv93

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/07/GHSA-h7pf-h58r-mv93/GHSA-h7pf-h58r-mv93.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-h7pf-h58r-mv93

Aliases

CVE-2022-34780

Published

2022-07-01T00:01:07Z

Modified

2023-11-08T04:09:46.635665Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator

Summary

CSRF vulnerability in Jenkins XebiaLabs XL Release Plugin allow capturing credentials

Details

XebiaLabs XL Release Plugin 22.0.0 and earlier does not perform permission checks in methods implementing form validation.

This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Additionally, these form validation methods do not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

XebiaLabs XL Release Plugin 22.0.1 requires POST requests and Overall/Administer permission for the affected form validation methods.

Database specific

{
    "nvd_published_at": "2022-06-30T18:15:00Z",
    "github_reviewed_at": "2022-12-12T21:33:52Z",
    "severity": "MODERATE",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-352"
    ]
}

References

Affected packages

Maven / com.xebialabs.ci:xlrelease-plugin

Package

Name: com.xebialabs.ci:xlrelease-plugin; View open source insights on deps.dev
Purl: pkg:maven/com.xebialabs.ci/xlrelease-plugin

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

22.0.1

Affected versions

2.*

2.2.1

4.*

4.0.9

4.0.11

4.5.0

4.5.1

4.8.0

5.*

5.0.0

6.*

6.0.0

6.1.0

6.1.1

6.1.2

7.*

7.5.0

7.5.1

7.5.2

7.5.3

7.5.4

7.5.5

7.5.6

7.5.7

10.*

10.0.0

22.*

22.0.0

Database specific

{
    "last_known_affected_version_range": "<= 22.0.0"
}