Vulnerabilities > Jenkins > Scriptler > 3.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-13 | CVE-2023-50764 | Unspecified vulnerability in Jenkins Scriptler Jenkins Scriptler Plugin 342.v6a_89fd40f466 and earlier does not restrict a file name query parameter in an HTTP endpoint, allowing attackers with Scriptler/Configure permission to delete arbitrary files on the Jenkins controller file system. | 8.1 |
| 2023-12-13 | CVE-2023-50765 | Missing Authorization vulnerability in Jenkins Scriptler A missing permission check in Jenkins Scriptler Plugin 342.v6a_89fd40f466 and earlier allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID. | 4.3 |