XSS via the triggered job URL of a Jenkins job
Package: Tuleap Community Edition (tuleap)
Affected versions: < 14.8.99.60
Patched versions: 14.8.99.60

Package: Tuleap Enterprise Edition (tuleap)
Affected versions: < 14.8-3, < 14.7-7
Patched versions: 14.8-3, 14.7-7
The URLs of triggered Jenkins jobs are written to the Git hook logs and rendered without proper HTML escaping.
Impact
A malicious Git administrator can set up a Jenkins hook with a crafted URL so that a victim who is also a Git administrator executes attacker-controlled JavaScript in their browser when viewing the logs of the triggered jobs.
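The following is an added illustration, not Tuleap code: it emulates the defect the advisory describes (a Git administrator's hook URL concatenated into the log page as-is) next to a rendering that escapes each field for its HTML context. The log entries, the hook URLs, the table layout and the function names are all constructed here as assumptions; they are not taken from the Tuleap code base.

```python
import html
from urllib.parse import urlparse

# Constructed sample data (assumption, not real Tuleap log content).
# A Git administrator controls the Jenkins hook URL, so from the point of view
# of another administrator viewing the triggered-job log it is attacker input.
BENIGN_HOOK_URL = "https://jenkins.example/job/build/"
MALICIOUS_HOOK_URL = (
    'https://jenkins.example/job/build/"><script>alert(document.cookie)</script>'
)

LOG_ENTRIES = [
    {"job_url": BENIGN_HOOK_URL, "status": "200"},
    {"job_url": MALICIOUS_HOOK_URL, "status": "200"},
]


def render_log_vulnerable(entries):
    """Emulates the bug: the job URL is concatenated into the HTML unescaped.

    The closing quote and '>' in the malicious URL terminate the href attribute
    and the <a> tag, so the <script> element lands in the page verbatim.
    """
    rows = []
    for e in entries:
        rows.append(
            '<tr><td><a href="' + e["job_url"] + '">' + e["job_url"]
            + "</a></td><td>" + e["status"] + "</td></tr>"
        )
    return "<table>" + "".join(rows) + "</table>"


def render_log_fixed(entries):
    """Escapes each field for the context it lands in (attribute and text).

    quote=True is required: without it, '"' survives and the attribute
    breakout still works even though '<' and '>' are encoded.
    """
    rows = []
    for e in entries:
        url = html.escape(e["job_url"], quote=True)
        status = html.escape(e["status"], quote=True)
        rows.append(f'<tr><td><a href="{url}">{url}</a></td><td>{status}</td></tr>')
    return "<table>" + "".join(rows) + "</table>"


def is_http_url(url):
    """Scheme allow-list for a URL that will become an href.

    This is an extra check beyond what the advisory describes (assumption):
    escaping stops markup injection, but a 'javascript:' URL placed in an
    href is still executable, so the scheme must be restricted as well.
    """
    parts = urlparse(url)
    return parts.scheme in ("http", "https") and bool(parts.netloc)


def contains_raw_script(rendered):
    """Crude check used below to show whether the markup survived rendering."""
    return "<script>" in rendered


if __name__ == "__main__":
    print("vulnerable:", render_log_vulnerable(LOG_ENTRIES))
    print("fixed:     ", render_log_fixed(LOG_ENTRIES))
    print("javascript: scheme allowed?", is_http_url("javascript:alert(1)"))
```

Note that the malicious URL passes `is_http_url`, because its scheme and host are legitimate; the scheme check and the escaping address two different problems, and only the escaping fixes the one in this advisory.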
Patches
The following versions contain the fix: Tuleap Community Edition 14.8.99.60, Tuleap Enterprise Edition 14.8-3 and 14.7-7.
For more information
If you have any questions or comments about this advisory, reach out to us via the contact information provided on the Tuleap.org security page.