CVE-2023-50766

Name of the Vulnerable Software and Affected Versions Jenkins Nexus Platform Plugin versions 3.18.0-03 and earlier

Description A cross-site request forgery (CSRF) vulnerability allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML. The plugin does not perform permission checks in methods implementing form validation, which allows attackers with Overall/Read permission to exploit this issue. Additionally, the plugin does not configure its XML parser to prevent XML external entity (XXE) attacks, enabling attackers to extract secrets from the Jenkins controller or perform server-side request forgery. The affected form validation methods do not require POST requests, resulting in the CSRF vulnerability.

Recommendations For Jenkins Nexus Platform Plugin versions 3.18.0-03 and earlier, update to version 3.18.1-01 or later, which configures its XML parser to prevent XML external entity (XXE) attacks and requires POST requests and Overall/Administer permission for the affected HTTP endpoints. As a temporary workaround, consider restricting access to the affected HTTP endpoints and requiring Overall/Administer permission to minimize the risk of exploitation.