Lucene search
Email Extension Template Security Vulnerabilities
cve
Jenkins Email Extension Plugin 2.93 and earlier does not escape, sanitize, or sandbox rendered email template output or log output generated during template rendering, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or change custom email...
5.4CVSS
5.3AI Score
0.001EPSS
2023-02-15 02:15 PM
33
cve
A cross-site request forgery vulnerability exists in Jenkins Email Extension Template Plugin 1.0 and earlier in ExtEmailTemplateManagement.java that allows creating or removing...
8.1CVSS
8AI Score
0.001EPSS
2019-01-09 11:29 PM
22