CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

65 matches found

RedhatCVE•added 2026/01/09 12:38 p.m.•2 views

CVE-2023-50764

Jenkins Scriptler Plugin 342.v6a89fd40f466 and earlier does not restrict a file name query parameter in an HTTP endpoint, allowing attackers with Scriptler/Configure permission to delete arbitrary files on the Jenkins controller file system...

8.1CVSS6.8AI score0.00083EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:37 p.m.•7 views

CVE-2023-50765

A missing permission check in Jenkins Scriptler Plugin 342.v6a89fd40f466 and earlier allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID...

4.3CVSS6.3AI score0.0007EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-0463

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00241EPSS

Exploits0References4

RedhatCVE•added 2025/05/22 9:32 p.m.•6 views

CVE-2021-21700

Jenkins Scriptler Plugin 3.3 and earlier does not escape the name of scripts on the UI when asking to confirm their deletion, resulting in a stored cross-site scripting XSS vulnerability exploitable by exploitable by attackers able to create Scriptler scripts...

5.4CVSS5.4AI score0.00205EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 6:19 p.m.•3 views

CVE-2021-21668

Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

5.4CVSS5.4AI score0.00241EPSS

Exploits0References1

Veracode•added 2023/12/14 11:44 a.m.•18 views

Missing Permission Check

org.jenkins-ci.plugins:scriptler is vulnerable to a Missing Permission Check. The vulnerability is due to a missing permission check in a HTTP end point which allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID...

4.3CVSS6.7AI score0.0007EPSS

Exploits0References5Affected Software1

vulnersOsv•added 2023/12/13 6:31 p.m.•2 views

com.seitenbau.jenkins.plugins:dynamicparameter (=0.2.0), org.biouno:uno-choice (>=1.0 <=1.5.3-alpha) potentially affected by CVE-2023-50765 via org.jenkins-ci.plugins:scriptler (>=2.2 <=2.9)

org.jenkins-ci.plugins:scriptler MAVEN version =2.2, =1.0, =1.5.3-alpha Source cves: CVE-2023-50765 Source advisory: OSV:GHSA-4J42-6XFX-H754...

4.3CVSS5.8AI score0.0007EPSS

Exploits0

OSV•added 2023/12/13 6:31 p.m.•24 views

GHSA-XCRR-X93H-RV4V Arbitrary file deletion vulnerability in Jenkins Scriptler Plugin

8.1CVSS7.9AI score0.00083EPSS

Exploits0References3

OSV•added 2023/12/13 6:31 p.m.•19 views

GHSA-4J42-6XFX-H754 Missing permission check in Jenkins Scriptler Plugin

A missing permission check in Jenkins Scriptler Plugin 342.v6a89fd40f466 and earlier allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID...

4.3CVSS4.5AI score0.0007EPSS

Exploits0References5

Github Security Blog•added 2023/12/13 6:31 p.m.•30 views

Arbitrary file deletion vulnerability in Jenkins Scriptler Plugin

8.1CVSS7AI score0.00083EPSS

Exploits0References4Affected Software1

vulnersOsv•added 2023/12/13 6:31 p.m.•1 views

com.seitenbau.jenkins.plugins:dynamicparameter (=0.2.0), org.biouno:uno-choice (>=1.0 <=1.5.3-alpha) potentially affected by CVE-2023-50764 via org.jenkins-ci.plugins:scriptler (>=2.2 <=2.9)

org.jenkins-ci.plugins:scriptler MAVEN version =2.2, =1.0, =1.5.3-alpha Source cves: CVE-2023-50764 Source advisory: OSV:GHSA-XCRR-X93H-RV4V...

8.1CVSS7.2AI score0.00083EPSS

Exploits0

Github Security Blog•added 2023/12/13 6:31 p.m.•22 views

Missing permission check in Jenkins Scriptler Plugin

A missing permission check in Jenkins Scriptler Plugin 342.v6a89fd40f466 and earlier allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID...

4.3CVSS6.6AI score0.0007EPSS

Exploits0References5Affected Software1

OSV•added 2023/12/13 6:15 p.m.•0 views

CVE-2023-50764

8.1CVSS5.9AI score0.00083EPSS

Exploits0References2

NVD•added 2023/12/13 6:15 p.m.•14 views

CVE-2023-50764

8.1CVSS0.00083EPSS

Exploits0References2

OSV•added 2023/12/13 6:15 p.m.•0 views

CVE-2023-50765

A missing permission check in Jenkins Scriptler Plugin 342.v6a89fd40f466 and earlier allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID...

4.3CVSS5.8AI score0.0007EPSS

Exploits0References2

NVD•added 2023/12/13 6:15 p.m.•14 views

CVE-2023-50765

A missing permission check in Jenkins Scriptler Plugin 342.v6a89fd40f466 and earlier allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID...

4.3CVSS0.0007EPSS

Exploits0References2

Prion•added 2023/12/13 6:15 p.m.•14 views

Information disclosure

A missing permission check in Jenkins Scriptler Plugin 342.v6a89fd40f466 and earlier allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID...

4CVSS6.6AI score0.0007EPSS

Exploits0References2Affected Software1

Prion•added 2023/12/13 6:15 p.m.•16 views

Design/Logic Flaw

5.5CVSS6.9AI score0.00083EPSS

Exploits0References2Affected Software1

CVE•added 2023/12/13 5:30 p.m.•62 views

CVE-2023-50765

CVE-2023-50765 affects Jenkins Scriptler Plugin versions 342.v6a_89fd40f466 and earlier. The vulnerability is a missing permission check that allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID. Impact is information disclosure of Groovy scripts...

4.3CVSS4.2AI score0.0007EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/12/13 5:30 p.m.•15 views

CVE-2023-50765

A missing permission check in Jenkins Scriptler Plugin 342.v6a89fd40f466 and earlier allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID...

5AI score0.0007EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by