Description
Jenkins Pipeline: Stage View Plugin 2.26 and earlier does not correctly encode the ID of 'input' steps when using it to generate URLs to proceed or abort Pipeline builds, allowing attackers able to configure Pipelines to specify 'input' step IDs resulting in URLs that would bypass the CSRF protection of any target URL in Jenkins.
Remediation
References
https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828
http://www.openwall.com/lists/oss-security/2022/10/19/3
Related Vulnerabilities
CVE-2020-15777 Vulnerability in maven package com.gradle:gradle-enterprise-maven-extension
CVE-2021-37580 Vulnerability in maven package org.apache.shenyu:shenyu-admin
CVE-2023-26119 Vulnerability in maven package net.sourceforge.htmlunit:htmlunit
CVE-2019-20174 Vulnerability in npm package auth0-lock
CVE-2014-1972 Vulnerability in maven package org.apache.tapestry:tapestry-core