CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

65 matches found

NVD•added 2021/11/12 11:15 a.m.•14 views

CVE-2021-21700

Jenkins Scriptler Plugin 3.3 and earlier does not escape the name of scripts on the UI when asking to confirm their deletion, resulting in a stored cross-site scripting XSS vulnerability exploitable by exploitable by attackers able to create Scriptler scripts...

5.4CVSS0.00205EPSS

Exploits0References2

Prion•added 2021/11/12 11:15 a.m.•18 views

Cross site scripting

3.5CVSS5.2AI score0.00205EPSS

Exploits0References2Affected Software1

CVE•added 2021/11/12 10:35 a.m.•70 views

CVE-2021-21700

CVE-2021-21700 affects the Jenkins Scriptler Plugin. Documents confirm a stored XSS in Scriptler Plugin versions 3.3 and earlier caused by failing to escape the name of scripts on the UI during deletion confirmation. The vulnerability can be exploited by attackers who can create Scriptler scripts...

5.4CVSS5.2AI score0.00205EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/11/12 10:35 a.m.•14 views

CVE-2021-21700

5.4AI score0.00205EPSS

Exploits0References2

AlpineLinux•added 2021/11/12 10:35 a.m.•25 views

CVE-2021-21700

5.4CVSS5.1AI score0.00205EPSS

Exploits0References2

CNNVD•added 2021/11/12 12:0 a.m.•2 views

Jenkins 跨站脚本漏洞

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.A cross-site scripting vulnerability exists in the Jenkins Plugin, which stems from the Scriptler plugin version 3.3 and...

5.4CVSS5.3AI score0.00205EPSS

Exploits0References6

Positive Technologies•added 2021/11/12 12:0 a.m.•2 views

PT-2021-14731 · Jenkins · Jenkins Scriptler Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Scriptler Plugin versions 3.3 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the Jenkins Scriptler Plugin does not escape the name of scripts on the UI when asking t...

5.4CVSS5.1AI score0.00205EPSS

Exploits0References9

OSV•added 2021/06/16 2:15 p.m.•0 views

CVE-2021-21668

Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

5.4CVSS6AI score

Exploits0References2

NVD•added 2021/06/16 2:15 p.m.•11 views

CVE-2021-21668

Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

5.4CVSS0.00241EPSS

Exploits0References2

OSV•added 2021/06/16 2:15 p.m.•0 views

CVE-2021-21667

Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

5.4CVSS5.7AI score0.00241EPSS

Exploits0References2

NVD•added 2021/06/16 2:15 p.m.•14 views

CVE-2021-21667

5.4CVSS0.00241EPSS

Exploits0References2

Prion•added 2021/06/16 2:15 p.m.•15 views

Cross site scripting

Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

3.5CVSS5.3AI score0.00241EPSS

Exploits0References2Affected Software1

Prion•added 2021/06/16 2:15 p.m.•12 views

Cross site scripting

3.5CVSS5.2AI score0.00241EPSS

Exploits0References2Affected Software1

CVE•added 2021/06/16 1:40 p.m.•84 views

CVE-2021-21668

Affected software: Jenkins Scriptler Plugin (versions ≤ 3.1). Vulnerability: Stored XSS due to failure to escape script content; exploitable by attackers with Scriptler/Configure permission. Impact: Cross-site scripting: script content can be crafted to execute in the context of the vulnerable Je...

5.4CVSS5.3AI score0.00241EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/06/16 1:40 p.m.•13 views

CVE-2021-21668

Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

5.5AI score0.00241EPSS

Exploits0References2

AlpineLinux•added 2021/06/16 1:40 p.m.•31 views

CVE-2021-21668

Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

5.4CVSS2.1AI score0.00241EPSS

Exploits0References2

Cvelist•added 2021/06/16 1:40 p.m.•13 views

CVE-2021-21667

5.5AI score0.00241EPSS

Exploits0References2

CVE•added 2021/06/16 1:40 p.m.•81 views

CVE-2021-21667

CVE-2021-21667 affects Jenkins Scriptler Plugin up to version 3.2. The issue is a stored XSS due to parameter names not being escaped in job configuration forms, exploitable by attackers with Scriptler/Configure permission. Impact is limited to stored XSS within affected Jenkins instances; no pub...

5.4CVSS5.2AI score0.00241EPSS

Exploits0References2Affected Software1

AlpineLinux•added 2021/06/16 1:40 p.m.•25 views

CVE-2021-21667

5.4CVSS3.2AI score0.00241EPSS

Exploits0References2

CNNVD•added 2021/06/16 12:0 a.m.•2 views

Jenkins Scriptler Plugin 跨站脚本漏洞

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in the Jenkins Scriptler Plugin that stems from the fact that Jenkins Scriptler Plugin...

5.4CVSS5.8AI score0.00241EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by