CVE-2025-67641
BaseFortify
Publication date: 2025-12-10
Last updated on: 2025-12-17
Assigner: Jenkins Project
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| jenkins | coverage | to 2.3054.ve1ff7b_a_a_123b (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Jenkins Coverage Plugin version 2.3054.ve1ff7b_a_a_123b_ and earlier. It occurs because the plugin does not validate the configured coverage results ID when creating coverage results via the REST API, only during UI job configuration submission. This allows attackers with Item/Configure permission to set a `javascript:` scheme URL as an identifier, leading to a stored cross-site scripting (XSS) vulnerability.
How can this vulnerability impact me? :
An attacker with Item/Configure permission can exploit this vulnerability to inject malicious JavaScript code into the Jenkins environment via the coverage results ID. This stored XSS vulnerability can lead to unauthorized script execution in the context of users viewing the affected Jenkins instance, potentially compromising user sessions, stealing credentials, or performing other malicious actions.