Description
In Jenkins 2.399 and earlier, LTS 2.387.3 and earlier, POST requests are sent in order to load the list of context actions. If part of the URL includes insufficiently escaped user-provided values, a victim may be tricked into sending a POST request to an unexpected endpoint by opening a context menu.
Remediation
References
https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-3135
http://www.openwall.com/lists/oss-security/2023/06/14/5
Related Vulnerabilities
CVE-2022-43423 Vulnerability in maven package com.compuware.jenkins:compuware-scm-downloader
CVE-2022-31183 Vulnerability in maven package co.fs2:fs2-io_sjs1_2.13
CVE-2014-0111 Vulnerability in maven package org.apache.syncope:syncope-core
CVE-2022-23532 Vulnerability in maven package org.neo4j.procedure:apoc
CVE-2018-1000198 Vulnerability in maven package com.blackducksoftware.integration:blackduck-hub