CVE-2023-50767

Name of the Vulnerable Software and Affected Versions Jenkins Nexus Platform Plugin versions 3.18.0-03 and earlier

Description The issue is related to missing permission checks in the Jenkins Nexus Platform Plugin, allowing attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML. This also leads to a cross-site request forgery (CSRF) vulnerability due to the lack of requirement for POST requests. Additionally, the plugin does not configure its XML parser to prevent XML external entity (XXE) attacks, which can result in the extraction of secrets from the Jenkins controller or server-side request forgery.

Recommendations For Jenkins Nexus Platform Plugin versions 3.18.0-03 and earlier, update to version 3.18.1-01 or later, which configures its XML parser to prevent XML external entity (XXE) attacks and requires POST requests and Overall/Administer permission for the affected HTTP endpoints. As a temporary workaround, consider restricting access to the plugin's form validation methods to minimize the risk of exploitation.