cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-50764,https://securityvulnerability.io/vulnerability/CVE-2023-50764,File Deletion Vulnerability in Jenkins Scriptler Plugin by Jenkins,"The Jenkins Scriptler Plugin prior to version 342.v6a_89fd40f466 lacks proper validation of the file name query parameter in an HTTP endpoint. This vulnerability can be exploited by users with Scriptler/Configure permission, enabling them to delete arbitrary files from the Jenkins controller's file system, potentially leading to critical data loss and disruption of service.",Jenkins,Jenkins Scriptler Plugin,8.1,HIGH,0.002090000081807375,false,false,false,false,,false,false,2023-12-13T18:15:00.000Z,0
CVE-2023-50765,https://securityvulnerability.io/vulnerability/CVE-2023-50765,,A missing permission check in Jenkins Scriptler Plugin 342.v6a_89fd40f466 and earlier allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID.,Jenkins,Jenkins Scriptler Plugin,4.3,MEDIUM,0.001509999972768128,false,false,false,false,,false,false,2023-12-13T18:15:00.000Z,0
CVE-2021-21700,https://securityvulnerability.io/vulnerability/CVE-2021-21700,,"Jenkins Scriptler Plugin 3.3 and earlier does not escape the name of scripts on the UI when asking to confirm their deletion, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by exploitable by attackers able to create Scriptler scripts.",Jenkins,Jenkins Scriptler Plugin,5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2021-11-12T10:35:17.000Z,0
CVE-2021-21668,https://securityvulnerability.io/vulnerability/CVE-2021-21668,,"Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Scriptler/Configure permission.",Jenkins,Jenkins Scriptler Plugin,5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2021-06-16T13:40:12.000Z,0
CVE-2021-21667,https://securityvulnerability.io/vulnerability/CVE-2021-21667,,"Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Scriptler/Configure permission.",Jenkins,Jenkins Scriptler Plugin,5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2021-06-16T13:40:11.000Z,0