2 matches found
jenkins-2-plugin: email-ext: Missing permission check in Email Extension Plugin
A flaw was found in the Jenkins Email Extension Plugin. Affected versions of the Jenkins Email Extension Plugin could allow a remote, authenticated attacker to obtain sensitive information caused by improper permission validation. By sending a specially crafted request, an attacker can check for...
Improper Validation
Jenkins Email Extension Plugin is vulnerable to Improper Validation. The vulnerability exists due to lack of form validations which allows an attacker to gain read access to the email-templates/ file directory...