PT-2023-25161 · Jenkins · Jenkins

Kevin Guerroudj

·

Published

2023-06-14

·

Updated

2025-01-02

·

CVE-2023-35141

CVSS v3.1

8.0

High

Vector

AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Jenkins weekly versions 2.399 and earlier, LTS versions 2.387.3 and earlier

Description

Jenkins provides context menus for some links. When a context menu is opened, Jenkins's own UI code sends a POST request from the victim's authenticated session to load the list of context actions. In the affected versions the context menu URL for label expressions is not sufficiently escaped, so a label name containing URL metacharacters (path separators, "..", "?", "#") can change the endpoint that request is sent to. A victim who opens the context menu can therefore be tricked into sending a POST request to an unexpected endpoint, such as the Script Console. An attacker needs Item/Configure permission, since that is what is required to set the label expression of an item.

Recommendations

Update weekly releases 2.399 and earlier to 2.400 or later, and LTS releases 2.387.3 and earlier to 2.401.1 or later. Until the update is applied, limit Item/Configure permission to trusted users, because an attacker needs it to plant a malicious label expression, and review existing label expressions for unexpected characters such as "/", "..", "?" or "#".

Exploit

Fix

CSRF

Weakness Enumeration

Related Identifiers

BIT-JENKINS-2023-35141
CVE-2023-35141
GHSA-98FP-R22G-WPJ7

Affected Products

Jenkins