CVE-2023-25761
Cross-site Scripting vulnerability in junit (Maven)
What is CVE-2023-25761 About?
This is a stored Cross-site Scripting (XSS) vulnerability in the Jenkins JUnit Plugin version 1166.va_436e268e972 and earlier. The plugin fails to properly escape test case class names in JavaScript expressions, allowing attackers to inject malicious scripts. Successful exploitation can lead to arbitrary code execution within the victim's browser context.
Affected Software
Technical Details
The Jenkins JUnit Plugin processes JUnit resources, including test case class names. This vulnerability arises because the plugin does not escape these class names when embedding them into JavaScript expressions shown in the user interface. An attacker who can control or manipulate JUnit test case class names, typically by submitting malicious JUnit reports, can inject arbitrary JavaScript code. When a user views the processed JUnit results, the injected script will be executed in their browser, leading to a stored XSS attack.
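The output-encoding rule behind this flaw, as an added example that is not the plugin's own code: a class name placed in a JavaScript string literal inside an HTML attribute has to be encoded for that nested context. The markup shape, the `showDetails` handler name and the sample class name are assumptions made for illustration.

```javascript
// Added example; not code from the Jenkins JUnit Plugin. The markup shape and
// the showDetails handler name are hypothetical.

// Constructed sample: a class name from a report, containing characters that
// are special in JavaScript string literals and in HTML.
const SAMPLE_CLASS_NAME = `com.example.O'Brien"Suite<\\>&\n`;

// The pattern the advisory describes: the raw name is pasted into a JavaScript
// expression, so a quote inside the name ends the string literal early.
function renderUnescaped(className) {
  return `<a href="#" onclick="showDetails('${className}')">details</a>`;
}

// Encode for a JavaScript string literal: keep an allowlist and emit every
// other UTF-16 code unit as \uXXXX. "&" is encoded as well, because the HTML
// parser decodes character references in the attribute before the script
// engine sees the expression.
function escapeForJsString(value) {
  const text = String(value);
  let out = "";
  for (let i = 0; i < text.length; i++) {
    const keep = /[A-Za-z0-9_.$]/.test(text[i]);
    out += keep ? text[i] : "\\u" + text.charCodeAt(i).toString(16).padStart(4, "0");
  }
  return out;
}

function renderEscaped(className) {
  return `<a href="#" onclick="showDetails('${escapeForJsString(className)}')">details</a>`;
}

// True when the argument holds only characters that can close neither the
// string literal nor the surrounding attribute.
function argumentIsInert(markup) {
  const m = /showDetails\('(.*)'\)">details<\/a>$/s.exec(markup);
  return m !== null && /^[A-Za-z0-9_.$\\]*$/.test(m[1]);
}

// Round trip: decoding the literal yields the original name, so the UI still
// displays and looks up the real class name.
function decodeLiteral(escaped) {
  return JSON.parse(`"${escaped}"`);
}

console.log(argumentIsInert(renderUnescaped(SAMPLE_CLASS_NAME))); // false
console.log(argumentIsInert(renderEscaped(SAMPLE_CLASS_NAME)));   // true
```

Ordinary class names such as `com.example.FooTest` pass through `escapeForJsString` unchanged, so the encoding is invisible for legitimate reports.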
What is the Impact of CVE-2023-25761?
Successful exploitation may allow attackers to execute arbitrary scripts in the context of the victim's browser, steal session tokens or sensitive data, deface web pages, or redirect users to malicious sites.
What is the Exploitability of CVE-2023-25761?
Exploitation requires an attacker to be able to control test case class names within the JUnit resources processed by the plugin. This typically implies either direct access to the Jenkins system with permissions to upload or modify JUnit reports, or the ability to compromise a build process that generates such reports. No specific authentication is mentioned for direct exploitation, but controlling the input source is key. The attack is generally remote once the malicious input is stored. The complexity is moderate, as it requires crafting specific input that bypasses sanitization for XSS.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for CVE-2023-25761?
Available Upgrade Options
- org.jenkins-ci.plugins:junit
  - <1166.1168.vd6b_8042a_06de → Upgrade to 1166.1168.vd6b_8042a_06de
Additional Resources
- https://nvd.nist.gov/vuln/detail/CVE-2023-25761
- http://www.openwall.com/lists/oss-security/2023/02/15/4
- https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032
- https://osv.dev/vulnerability/GHSA-ph74-8rgx-64c5
- https://github.com/jenkinsci/junit-plugin/commit/d6b8042a06de4aaaf0942ad79036095b853eea02
What are Similar Vulnerabilities to CVE-2023-25761?
Similar Vulnerabilities: CVE-2023-27901, CVE-2022-41223, CVE-2022-46679, CVE-2022-26135, CVE-2022-34169
