Description
In Jenkins 2.399 and earlier, LTS 2.387.3 and earlier, POST requests are sent in order to load the list of context actions. If part of the request URL is built from insufficiently escaped user-provided values, a victim can be tricked into sending a POST request to an unexpected endpoint simply by opening a context menu.
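The following is an added illustration of the bug class described above, not code from Jenkins: a context-menu URL built by raw string concatenation lets a crafted item name move the POST to a different endpoint, while percent-encoding the name as one path segment and checking the resolved target before sending keeps it where it belongs. The origin, base path and item names are constructed for this example.

```javascript
// Assumed origin of the page that opens the context menu (constructed value).
const PAGE_ORIGIN = "https://ci.example.test";

// Unsafe: the user-controlled name is spliced into the path as-is, so "../"
// sequences (or a "?" / "#") become URL syntax and retarget the request.
function contextMenuUrlUnsafe(basePath, itemName) {
  return new URL(basePath + itemName + "/contextMenu", PAGE_ORIGIN).href;
}

// Hardened: the name is percent-encoded as a single path segment, so "/",
// "?", "#" and dot sequences stay literal characters, not path syntax.
function contextMenuUrlSafe(basePath, itemName) {
  const segment = encodeURIComponent(itemName);
  return new URL(basePath + segment + "/contextMenu", PAGE_ORIGIN).href;
}

// Defensive check before the POST is sent: the resolved target must stay on
// the page origin, under the expected base path, at the expected action,
// and carry no query string that the concatenation could have introduced.
function isExpectedEndpoint(href, basePath) {
  const target = new URL(href);
  const expected = new URL(basePath, PAGE_ORIGIN);
  return target.origin === expected.origin
    && target.pathname.startsWith(expected.pathname)
    && target.pathname.endsWith("/contextMenu")
    && target.search === "";
}

// Stand-alone demonstration over two constructed item names.
function demo() {
  const names = ["my-pipeline", "../../manage", "build?delay=0#"];
  return names.map((n) => ({
    name: n,
    unsafe: contextMenuUrlUnsafe("/job/", n),
    unsafeOk: isExpectedEndpoint(contextMenuUrlUnsafe("/job/", n), "/job/"),
    safe: contextMenuUrlSafe("/job/", n),
    safeOk: isExpectedEndpoint(contextMenuUrlSafe("/job/", n), "/job/"),
  }));
}

console.log(JSON.stringify(demo(), null, 2));
```

Only the `unsafe` URLs for the last two names leave `/job/…/contextMenu`; the encoded versions resolve to a literal segment under the expected path and pass the check.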
Remediation
References
http://www.openwall.com/lists/oss-security/2023/06/14/5
https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-3135