3 matches found
CVE-2023-25765
In Jenkins Email Extension Plugin 2.93 and earlier, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email templates in folders to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller J...
CVE-2023-25765
CVE-2023-25765 affects Jenkins Email Extension Plugin up to version 2.93, where templates defined in folders were not protected by Script Security, allowing an attacker to bypass the sandbox and execute arbitrary code in the Jenkins controller JVM. The CVSS 3.1 vector shows network access, low co...
CVE-2023-25765
In Jenkins Email Extension Plugin 2.93 and earlier, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email templates in folders to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller J...