Description
Jenkins Pipeline: Stage View Plugin 2.26 and earlier does not correctly encode the ID of 'input' steps when it uses that ID to generate the URLs for proceeding with or aborting Pipeline builds. Attackers able to configure Pipelines can therefore specify 'input' step IDs that result in URLs that bypass the CSRF protection of any target URL in Jenkins.
Remediation
References
http://www.openwall.com/lists/oss-security/2022/10/19/3
https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828