CVE-2025-67641

CVE-2025-67641

Name

CVE-2025-67641

Description

Jenkins Coverage Plugin 2.3054.ve1ff7b_a_a_123b_ and earlier does not validate the configured coverage results ID when creating coverage results, only when submitting the job configuration through the UI, allowing attackers with Item/Configure permission to use a `javascript:` scheme URL as identifier by configuring the job through the REST API, resulting in a stored cross-site scripting (XSS) vulnerability.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
vendor-advisory	https://www.jenkins.io/security/advisory/2025-12-10/#SECURITY-3611

Type

URI

vendor-advisory

https://www.jenkins.io/security/advisory/2025-12-10/#SECURITY-3611

CPE URI	Source package	Min version	Max version
	jenkins-coverage-plugin	== 0	== None
`cpe:2.3:a:jenkins:coverage::::::jenkins::*`	jenkins	>= None	<= 2.3054.ve1ff7b_a_a_123b

CPE URI

Source package

Min version

Max version

jenkins-coverage-plugin

== 0

== None

cpe:2.3:a:jenkins:coverage:*:*:*:*:*:jenkins:*:*

jenkins

>= None

<= 2.3054.ve1ff7b_a_a_123b

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
jenkins	edge-community	2.541.1-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	edge-community	2.528.3-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	edge-community	2.516.1-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	edge-community	2.479.1-r1	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	edge-community	2.479.1-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	edge-community	2.361.2-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	edge-community	2.346.2-r1	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	edge-community	2.346.2-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	edge-community	2.332.4-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	edge-community	2.332.3-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	edge-community	2.332.2-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	edge-community	2.332.1-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	edge-community	2.319.3-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	edge-community	2.319.2-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	edge-community	2.287-r0	None	possibly vulnerable
jenkins	edge-community	2.275-r0	None	possibly vulnerable
jenkins	edge-community	2.245-r0	None	possibly vulnerable
jenkins	edge-community	2.228-r0	None	possibly vulnerable
jenkins	3.23-community	2.516.1-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	3.22-community	2.479.1-r1	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	3.22-community	2.479.1-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	3.22-community	2.361.2-r0	None	possibly vulnerable
jenkins	3.22-community	2.346.2-r0	None	possibly vulnerable
jenkins	3.22-community	2.332.1-r0	None	possibly vulnerable
jenkins	3.22-community	2.319.3-r0	None	possibly vulnerable
jenkins	3.22-community	2.319.2-r0	None	possibly vulnerable
jenkins	3.22-community	2.287-r0	None	possibly vulnerable
jenkins	3.22-community	2.275-r0	None	possibly vulnerable
jenkins	3.22-community	2.245-r0	None	possibly vulnerable
jenkins	3.22-community	2.228-r0	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages