Every CVE whose affected-product data names Jenkins Scriptler, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-50764 — CVSS 8.1 (high): Jenkins Scriptler Plugin 342.v6a_89fd40f466 and earlier does not restrict a file name query parameter in an HTTP endpoint, allowing…
CVE-2021-21667 — CVSS 5.4 (medium): Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms, resulting in a stored cross-site…
CVE-2021-21668 — CVSS 5.4 (medium): Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting (XSS) vulnerability…
CVE-2021-21700 — CVSS 5.4 (medium): Jenkins Scriptler Plugin 3.3 and earlier does not escape the name of scripts on the UI when asking to confirm their deletion, resulting in…
CVE-2023-50765 — CVSS 4.3 (medium): A missing permission check in Jenkins Scriptler Plugin 342.v6a_89fd40f466 and earlier allows attackers with Overall/Read permission to read…