Stored XSS vulnerability in Jenkins Scriptler Plugin

Jenkins Scriptler Plugin 3.3 and earlier does not escape the name of scripts on the UI when asking to confirm their deletion. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to create Scriptler scripts. Jenkins Scriptler Plugin 3.4 escapes the name of...

Stored XSS vulnerability in Jenkins Scriptler Plugin

Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission. Jenkins Scriptler Plugin 3.3 escapes parameter names shown in jo...

GHSA-P479-RWHP-RWJX Stored XSS vulnerability in Jenkins Scriptler Plugin

Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission. Jenkins Scriptler Plugin 3.3 escapes parameter names shown in jo...

GHSA-5C6C-W4C4-VGVX Stored XSS vulnerability in Jenkins Scriptler Plugin

Jenkins Scriptler Plugin 3.1 and earlier does not escape script content. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission. Jenkins Scriptler Plugin 3.2 escapes script content...

Stored XSS vulnerability in Jenkins Scriptler Plugin

Jenkins Scriptler Plugin 3.1 and earlier does not escape script content. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission. Jenkins Scriptler Plugin 3.2 escapes script content...

Jenkins Cross-Site Scripting Vulnerability (CNVD-2021-93374)

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.A cross-site scripting vulnerability exists in the Jenkins Plugin, which stems from the Scriptler plugin version 3.3 and...

CVE-2021-21700

Jenkins Scriptler Plugin 3.3 and earlier does not escape the name of scripts on the UI when asking to confirm their deletion, resulting in a stored cross-site scripting XSS vulnerability exploitable by exploitable by attackers able to create Scriptler scripts...

CVE-2021-21700

Jenkins Scriptler Plugin 3.3 and earlier does not escape the name of scripts on the UI when asking to confirm their deletion, resulting in a stored cross-site scripting XSS vulnerability exploitable by exploitable by attackers able to create Scriptler scripts...

Cross site scripting

Jenkins Scriptler Plugin 3.3 and earlier does not escape the name of scripts on the UI when asking to confirm their deletion, resulting in a stored cross-site scripting XSS vulnerability exploitable by exploitable by attackers able to create Scriptler scripts...

CVE-2021-21700

CVE-2021-21700 affects the Jenkins Scriptler Plugin. Documents confirm a stored XSS in Scriptler Plugin versions 3.3 and earlier caused by failing to escape the name of scripts on the UI during deletion confirmation. The vulnerability can be exploited by attackers who can create Scriptler scripts...

Jenkins 跨站脚本漏洞

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.A cross-site scripting vulnerability exists in the Jenkins Plugin, which stems from the Scriptler plugin version 3.3 and...

PT-2021-14731 · Jenkins · Jenkins Scriptler Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Scriptler Plugin versions 3.3 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the Jenkins Scriptler Plugin does not escape the name of scripts on the UI when asking t...

CVE-2021-21668

Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

CVE-2021-21667

Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

CVE-2021-21667

Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

Cross site scripting

Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

CVE-2021-21668

Affected software: Jenkins Scriptler Plugin (versions ≤ 3.1). Vulnerability: Stored XSS due to failure to escape script content; exploitable by attackers with Scriptler/Configure permission. Impact: Cross-site scripting: script content can be crafted to execute in the context of the vulnerable Je...

CVE-2021-21668

Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

CVE-2021-21668

Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

CVE-2021-21667

Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...