CVE-2021-21667

CVE-2021-21667 affects Jenkins Scriptler Plugin up to version 3.2. The issue is a stored XSS due to parameter names not being escaped in job configuration forms, exploitable by attackers with Scriptler/Configure permission. Impact is limited to stored XSS within affected Jenkins instances; no pub...

CVE-2021-21667

Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

Jenkins Scriptler Plugin 跨站脚本漏洞

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in the Jenkins Scriptler Plugin that stems from the fact that Jenkins Scriptler Plugin...

PT-2021-14710 · Jenkins · Jenkins Scriptler Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Scriptler Plugin versions 3.2 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This is due to the plugin not escaping parameter names shown in job configuration forms. Attackers with...

Jenkins Scriptler Plugin 跨站脚本漏洞

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A cross-site scripting vulnerability exists in Jenkins Scriptler Plugin 3.1 and earlier versions that stems from the...

PT-2021-14711 · Jenkins · Jenkins Scriptler Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Scriptler Plugin versions 3.1 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability because the script content is not escaped. This vulnerability is exploitable by attackers with...