Количество 2
Количество 2
CVE-2023-25764
Jenkins Email Extension Plugin 2.93 and earlier does not escape, sanitize, or sandbox rendered email template output or log output generated during template rendering, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or change custom email templates.
GHSA-p2fr-mq9m-6w6p
Cross-site Scripting in Jenkins Email Extension Plugin
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-25764 Jenkins Email Extension Plugin 2.93 and earlier does not escape, sanitize, or sandbox rendered email template output or log output generated during template rendering, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or change custom email templates. | CVSS3: 5.4 | 8% Низкий | почти 3 года назад |
| GHSA-p2fr-mq9m-6w6p Cross-site Scripting in Jenkins Email Extension Plugin | CVSS3: 5.4 | 8% Низкий | почти 3 года назад |
Уязвимостей на страницу