This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to exploit a vulnerability in Jenkins which could result in arbitrary code execution.
Jenkins is a web server application.
The application is prone to the following unspecified vulnerabilities:
1. A cross-site-scripting vulnerability occurs because it fails to sufficiently sanitize user-supplied data.
2. An arbitrary code-execution vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can exploit this issue to insert data into Jenkins master.
Note: To exploit this issue, attackers require read access to the application and HTTP access to a master.
Attackers can exploit these issues to execute arbitrary code in the context of the web server, compromise the affected application, and steal cookie-based authentication credentials from legitimate users of the site. Other attacks are also possible.
- Jenkins versions prior to 1.482 and 1.466.2 LTS are vulnerable.