Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Email Extension Security Vulnerabilities - CVSS Score 5 - 6

cve
cve

CVE-2017-2654

jenkins-email-ext before version 2.57.1 is vulnerable to an Information Exposure. The Email Extension Plugins is able to send emails to a dynamically created list of users based on the changelogs, like authors of SCM changes since the last successful build. This could in some cases result in emails...

5.3CVSS

5.1AI Score

0.001EPSS

2018-08-06 10:29 PM
34
cve
cve

CVE-2023-25763

Jenkins Email Extension Plugin 2.93 and earlier does not escape various fields included in bundled email templates, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control affected fields.

5.4CVSS

5.2AI Score

0.001EPSS

2023-02-15 02:15 PM
38
cve
cve

CVE-2023-25764

Jenkins Email Extension Plugin 2.93 and earlier does not escape, sanitize, or sandbox rendered email template output or log output generated during template rendering, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or change custom email templ...

5.4CVSS

5.3AI Score

0.001EPSS

2023-02-15 02:15 PM
39