CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

RedhatCVE•added 2026/01/09 12:37 p.m.•7 views

CVE-2023-50765

A missing permission check in Jenkins Scriptler Plugin 342.v6a89fd40f466 and earlier allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID...

4.3CVSS6.3AI score0.0007EPSS

Exploits0References1

NVD•added 2023/12/13 6:15 p.m.•14 views

CVE-2023-50764

Jenkins Scriptler Plugin 342.v6a89fd40f466 and earlier does not restrict a file name query parameter in an HTTP endpoint, allowing attackers with Scriptler/Configure permission to delete arbitrary files on the Jenkins controller file system...

8.1CVSS0.00083EPSS

Exploits0References2

OSV•added 2023/12/13 6:15 p.m.•0 views

CVE-2023-50765

A missing permission check in Jenkins Scriptler Plugin 342.v6a89fd40f466 and earlier allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID...

4.3CVSS5.8AI score0.0007EPSS

Exploits0References2

Prion•added 2023/12/13 6:15 p.m.•14 views

Information disclosure

A missing permission check in Jenkins Scriptler Plugin 342.v6a89fd40f466 and earlier allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID...

4CVSS6.6AI score0.0007EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/12/13 5:30 p.m.•15 views

CVE-2023-50765

A missing permission check in Jenkins Scriptler Plugin 342.v6a89fd40f466 and earlier allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID...

5AI score0.0007EPSS

Exploits0References2

Cvelist•added 2023/12/13 5:30 p.m.•18 views

CVE-2023-50764

8.2AI score0.00083EPSS

Exploits0References2

Positive Technologies•added 2023/12/13 12:0 a.m.•3 views

PT-2023-31634 · Jenkins · Jenkins Scriptler Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Scriptler Plugin versions 342.v6a 89fd40f466 and earlier Description: A missing permission check in the Jenkins Scriptler Plugin allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID...

4.3CVSS4.2AI score0.0007EPSS

Exploits0References8

CNNVD•added 2023/12/13 12:0 a.m.•3 views

Jenkins Scriptler Plugin Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

8.1CVSS6.8AI score0.00083EPSS

Exploits0References4

CNNVD•added 2023/12/13 12:0 a.m.•2 views

Jenkins Scriptler Plugin Security Vulnerability

4.3CVSS6.6AI score0.0007EPSS

Exploits0References4

Github Security Blog•added 2022/05/24 7:20 p.m.•21 views

Stored XSS vulnerability in Jenkins Scriptler Plugin

Jenkins Scriptler Plugin 3.3 and earlier does not escape the name of scripts on the UI when asking to confirm their deletion. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to create Scriptler scripts. Jenkins Scriptler Plugin 3.4 escapes the name of...

5.4CVSS4.9AI score0.00205EPSS

Exploits0References5Affected Software1

Github Security Blog•added 2022/01/06 6:45 p.m.•20 views

Stored XSS vulnerability in Jenkins Scriptler Plugin

Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission. Jenkins Scriptler Plugin 3.3 escapes parameter names shown in jo...

5.4CVSS4.9AI score0.00241EPSS

Exploits0References5Affected Software1

NVD•added 2021/11/12 11:15 a.m.•14 views

CVE-2021-21700

Jenkins Scriptler Plugin 3.3 and earlier does not escape the name of scripts on the UI when asking to confirm their deletion, resulting in a stored cross-site scripting XSS vulnerability exploitable by exploitable by attackers able to create Scriptler scripts...

5.4CVSS0.00205EPSS

Exploits0References2

Positive Technologies•added 2021/11/12 12:0 a.m.•1 views

PT-2021-14731 · Jenkins · Jenkins Scriptler Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Scriptler Plugin versions 3.3 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the Jenkins Scriptler Plugin does not escape the name of scripts on the UI when asking t...

5.4CVSS5.1AI score0.00205EPSS

Exploits0References9

Prion•added 2021/06/16 2:15 p.m.•15 views

Cross site scripting

Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

3.5CVSS5.3AI score0.00241EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/06/16 1:40 p.m.•13 views

CVE-2021-21667

Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

5.5AI score0.00241EPSS

Exploits0References2

Positive Technologies•added 2021/06/16 12:0 a.m.•3 views

PT-2021-14710 · Jenkins · Jenkins Scriptler Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Scriptler Plugin versions 3.2 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This is due to the plugin not escaping parameter names shown in job configuration forms. Attackers with...

5.4CVSS5.2AI score0.00241EPSS

Exploits0References6

Positive Technologies•added 2021/06/16 12:0 a.m.•2 views

PT-2021-14711 · Jenkins · Jenkins Scriptler Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Scriptler Plugin versions 3.1 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability because the script content is not escaped. This vulnerability is exploitable by attackers with...

5.4CVSS5.2AI score0.00241EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by