Description
Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not restrict or filter values set as Jenkins URL in the global configuration, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission.
Remediation
References
https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1471
http://www.openwall.com/lists/oss-security/2019/09/25/3
Related Vulnerabilities
CVE-2022-35144 Vulnerability in npm package raneto
CVE-2020-2224 Vulnerability in maven package org.jenkins-ci.plugins:matrix-project
CVE-2022-25898 Vulnerability in maven package org.webjars.npm:jsrsasign
CVE-2020-2095 Vulnerability in maven package org.jenkins-ci.plugins:redgate-sql-ci
CVE-2020-2138 Vulnerability in maven package org.jenkins-ci.plugins:cobertura