CVE-2025-53652 Information

Description

Jenkins Git Parameter Plugin 439.vb_0e46ca_14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices allowing attackers with Item/Build permission to inject arbitrary values into Git parameters.

Reference

https://www.jenkins.io/security/advisory/2025-07-09/#SECURITY-3419

Related CNNVD

CNNVD-202507-1314 (Published: 2025-07-09)