{"id":10839,"date":"2026-02-21T10:03:45","date_gmt":"2026-02-21T10:03:45","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/02\/21\/critical-jenkins-vulnerability-exposes-build-environments-to-xss-attacks\/"},"modified":"2026-02-21T10:03:45","modified_gmt":"2026-02-21T10:03:45","slug":"critical-jenkins-vulnerability-exposes-build-environments-to-xss-attacks","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/02\/21\/critical-jenkins-vulnerability-exposes-build-environments-to-xss-attacks\/","title":{"rendered":"Critical Jenkins Vulnerability Exposes Build Environments to XSS Attacks"},"content":{"rendered":"

Critical Jenkins Vulnerability Exposes Build Environments to XSS Attacks
\n \t

\n
<\/BR>
\n
\n \t

\n
<\/BR><\/p>\n

\n

Security Advisory has revealed multiple vulnerabilities in Jenkins Core, including a\u00a0stored Cross-Site Scripting (XSS)\u00a0flaw<\/a> that could expose build environments to severe security risks.<\/p>\n

The issues, identified as\u00a0CVE-2026-27099\u00a0and\u00a0CVE-2026-27100, were responsibly disclosed under the Jenkins Bug Bounty Program <\/a>sponsored by the European Commission.<\/p>\n

The most critical of the two, tracked as\u00a0CVE-2026-27099, is a\u00a0high-severity stored XSS vulnerability\u00a0that impacts Jenkins versions\u00a02.550 and earlier, as well as LTS versions\u00a02.541.1 and earlier.<\/p>\n

The flaw originates in how Jenkins handles \u201coffline cause descriptions,\u201d which explain why a build node goes offline.<\/p>\n

Since version 2.483, these descriptions allowed HTML content, but the input wasn\u2019t properly escaped in vulnerable versions.<\/p>\n

\n\n\n\n\n\n\n
CVE ID<\/th>\nCVSS Score<\/th>\nDescription<\/th>\nAffected Versions<\/th>\n<\/tr>\n<\/thead>\n
CVE-2026-27099<\/strong><\/td>\nHigh<\/td>\nStored XSS in node offline cause description<\/td>\nJenkins \u2264 2.550, LTS \u2264 2.541.1<\/td>\n<\/tr>\n
CVE-2026-27100<\/strong><\/td>\nMedium<\/td>\nBuild information disclosure via Run Parameter<\/td>\nJenkins \u2264 2.550, LTS \u2264 2.541.1<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n

An attacker with\u00a0Agent\/Configure\u00a0or\u00a0Agent\/Disconnect\u00a0permissions could inject malicious JavaScript <\/a>into the offline cause description, potentially compromising other users\u2019 sessions.<\/p>\n

Jenkins versions\u00a02.551\u00a0and\u00a0LTS 2.541.2\u00a0address this issue by escaping user-supplied input.<\/p>\n

Additionally, instances using\u00a0Content Security Policy (CSP)\u00a0enforcement on Jenkins<\/a> 2.539 and newer are partially protected against these attacks.<\/p>\n

The second vulnerability,\u00a0CVE-2026-27100, rated\u00a0medium severity, affects how Jenkins handles Run Parameter values.<\/p>\n

In affected versions up to 2.550 (and LTS 2.541.1), users could query builds or jobs they didn\u2019t have permission to access.<\/p>\n

This allowed attackers to determine whether specific projects or builds existed, potentially leading to information disclosure within the Jenkins environment.<\/p>\n

Jenkins\u00a02.551\u00a0and\u00a0LTS 2.541.2\u00a0now properly reject unauthorized Run Parameter values, preventing this type of data leakage<\/a>.<\/p>\n

Jenkins administrators are strongly advised to update<\/a> to the latest versions 2.551\u00a0or\u00a0LTS 2.541.2 to mitigate both vulnerabilities. Builds that rely on older versions remain at risk of script injection and unauthorized exposure of build information.<\/p>\n

Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n

The post Critical Jenkins Vulnerability Exposes Build Environments to XSS Attacks<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\n

\t

\n
<\/BR>
\n Abinaya
\n \t

\n
<\/BR>
\nGo to cyber-security-news<\/a>
\n \t

\n
<\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"

Critical Jenkins Vulnerability Exposes Build Environments to XSS Attacks Security Advisory has revealed multiple vulnerabilities in Jenkins Core, including a\u00a0stored Cross-Site Scripting (XSS)\u00a0flaw that could expose build environments to severe security risks. The issues, identified as\u00a0CVE-2026-27099\u00a0and\u00a0CVE-2026-27100, were responsibly disclosed under the Jenkins Bug Bounty Program sponsored by the European Commission. The most critical of the […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[129,63,131,648],"tags":[130],"class_list":["post-10839","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-cyber-security-news","category-vulnerability","category-vulnerability-news","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/10839"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=10839"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/10839\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=10839"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=10839"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=10839"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}