Lucene search
+L

4 matches found

Check Point Advisories
Check Point Advisories
added 2022/11/24 12:0 a.m.50 views

Jenkins Scriptler Plugin Cross-Site Scripting (CVE-2021-21667)

A stored cross-site scripting vulnerability exists in Jenkins Scriptler Plugin. This vulnerability is due to insufficient escaping of parameter names shown in job configuration forms...

3.5CVSS1.6AI score0.75742EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/01/06 6:45 p.m.7 views

com.seitenbau.jenkins.plugins:dynamicparameter (=0.2.0), org.biouno:uno-choice (>=1.0 <=1.5.3-alpha) potentially affected by CVE-2021-21667 via org.jenkins-ci.plugins:scriptler (>=2.2 <=2.9)

org.jenkins-ci.plugins:scriptler MAVEN version =2.2, =1.0, =1.5.3-alpha Source cves: CVE-2021-21667 Source advisory: OSV:GHSA-P479-RWHP-RWJX...

5.4CVSS6AI score0.75742EPSS
Exploits0
NVD
NVD
added 2021/06/16 2:15 p.m.36 views

CVE-2021-21667

Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

5.4CVSS0.75742EPSS
Exploits0References2
CVE
CVE
added 2021/06/16 1:40 p.m.96 views

CVE-2021-21667

CVE-2021-21667 affects Jenkins Scriptler Plugin up to version 3.2. The issue is a stored XSS due to parameter names not being escaped in job configuration forms, exploitable by attackers with Scriptler/Configure permission. Impact is limited to stored XSS within affected Jenkins instances; no pub...

5.4CVSS5.2AI score0.75742EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder