Jenkins Contrast Continuous Application Security Plugin 3.9 and earlier does not escape data returned from the Contrast service when generating a report, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control or modify Contrast service API responses. Contrast Continuous Application Security Plugin 3.10 escapes the affected data.



**Jenkins Contrast Continuous Application Security Plugin vulnerable to stored Cross-site Scripting**

Moderate severity GitHub Reviewed Published Oct 19, 2022 • Updated Oct 19, 2022

GHSA-hvcr-927w-qcvq: Jenkins Contrast Continuous Application Security Plugin vulnerable to stored Cross-site Scripting

OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the email parameter in the Check Email function.

Permalink

**1** contributor

**Users who have contributed to this file**

**Cross Site Scripting vulnerability in the OpenCats 'email' parameter of Check Email functionality**

OpenCats version 0.9.6 PHP7.2 suffers from reflected XSS vulnerability. This allows attackers arbitrary JavaScript injection, which compromises secure session between client and server.

**PoC**

    GET /index.php?m=toolbar&callback=<script>alert`xss`</script>&a=checkEmailIsInSystem&email=<script>alert(document.domain)</script>

CVE-2022-43018: opencats_zero-days/XSS_in_checkEmail.md at main · hansmach1ne/opencats_zero-days

OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the indexFile component.

Permalink

**Name already in use**

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Go to file

*   Go to file

*   Copy path
*   Copy permalink

**1** contributor

**Users who have contributed to this file**

Cross Site Scripting vulnerability in the OpenCats 'indexFile'.

OpenCats version 0.9.6 PHP7.2 suffers from reflected XSS vulnerability. This allows attackers arbitrary JavaScript injection, which compromises secure session between client and server.

**PoC**

    GET //ajax.php?f=getPipelineJobOrder&joborderID=1&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=15)"></a><script>alert`xss`</script>&isPopup=0

CVE-2022-43017: opencats_zero-days/XSS_in_indexFile.md at main · hansmach1ne/opencats_zero-days

OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the joborderID parameter.

Permalink

**1** contributor

**Users who have contributed to this file**

**Cross Site Scripting vulnerability in the OpenCats 'joborderID'.**

OpenCats version 0.9.6 PHP7.2 suffers from reflected XSS vulnerability. This allows attackers arbitrary JavaScript injection, which compromises secure session between client and server.

**PoC**

    GET /ajax.php?f=getPipelineJobOrder&joborderID=1)"></a> <script>alert`xss`</script>&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0

CVE-2022-43014: opencats_zero-days/XSS_in_joborderID.md at main · hansmach1ne/opencats_zero-days

OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the entriesPerPage parameter.

Permalink

Cannot retrieve contributors at this time

**Cross Site Scripting vulnerability in the OpenCats 'entriesPerPage'.**

OpenCats version 0.9.6 PHP7.2 suffers from reflected XSS vulnerability. This allows attackers arbitrary JavaScript injection, which compromises secure session between client and server.

**PoC**

    GET /ajax.php?f=getPipelineJobOrder&joborderID=2&page=0&entriesPerPage=15)"></a> <script>alert`xss`</script>&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0

CVE-2022-43015: opencats_zero-days/XSS_in_entriesPerPage.md at main · hansmach1ne/opencats_zero-days

OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the callback component.

Permalink

Cannot retrieve contributors at this time

**Cross Site Scripting vulnerability in the OpenCats 'callback'.**

OpenCats version 0.9.6 PHP7.2 suffers from reflected XSS vulnerability. This allows attackers arbitrary JavaScript injection, which compromises secure session between client and server.

**PoC**

GET /index.php?m=toolbar&callback=<script>alert`xss`</script>&a=authenticate

CVE-2022-43016: opencats_zero-days/XSS_in_callback.md at main · hansmach1ne/opencats_zero-days

Jenkins ScreenRecorder Plugin 0.7 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.

CVE-2022-43433: Jenkins Security Advisory 2022-10-19

Jenkins Compuware Xpediter Code Coverage Plugin 1.0.7 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process.

CVE-2022-43424: Jenkins Security Advisory 2022-10-19

Jenkins NeuVector Vulnerability Scanner Plugin 1.20 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.

CVE-2022-43434: Jenkins Security Advisory 2022-10-19

Jenkins XFramium Builder Plugin 1.0.22 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.

Tag

#xss