Ilay Goldman

**Name of the Vulnerable Software and Affected Versions** Jenkins versions 2.270 through 2.393 Jenkins LTS versions 2.277.1 through 2.375.3 **Description** The issue is related to errors in handling HTTP headers, which can allow a remote attacker to perform cross-site scripting (XSS) attacks. The vulnerability is exploitable by attackers who can provide plugins to the configured update sites and have the error message shown by Jenkins instances. This results in a stored cross-site scripting (XSS) vulnerability. **Recommendations** For Jenkins versions 2.270 through 2.393, update to a version outside of this range to resolve the issue. For Jenkins LTS versions 2.277.1 through 2.375.3, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to the plugin update sites to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Jenkins update-center2 versions 3.13 through 3.14 **Description** The issue is related to a stored cross-site scripting (XSS) vulnerability. This occurs because the required Jenkins core version on plugin download index pages is rendered without sanitization. Attackers who can provide a plugin for hosting may exploit this vulnerability, potentially allowing them to perform cross-site scripting attacks. The vulnerability is associated with errors in processing HTTP headers, which can be exploited by a remote attacker to carry out XSS attacks. **Recommendations** For Jenkins update-center2 versions 3.13 and 3.14, consider disabling the rendering of the required Jenkins core version on plugin download index pages until a patch is available. Restrict access to plugin hosting to minimize the risk of exploitation. Avoid using unsanitized input in the affected plugin download index pages. At the moment, there is no information about a newer version that contains a fix for this vulnerability.