← Back

Folder Based Authorization Strategy

folder-based_authorization_strategy

Vendor: Jenkins • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-24401
1Jenkins
1Folder Based Authorization Strategy
Oct 3, 2025
Jan 22, 2025
N/A· v4
6.8 MEDIUM· v3
N/A· v2
Jenkins Folder-based Authorization Strategy Plugin 217.vd5b_18537403e and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted (typically optional per...Show more
Jenkins Folder-based Authorization Strategy Plugin 217.vd5b_18537403e and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted (typically optional permissions, like Overall/Manage) to access functionality they're no longer entitled to.Show less
CVE-2022-27200
1Jenkins
1Folder Based Authorization Strategy
Nov 21, 2024
Mar 15, 2022
N/A· v4
4.8 MEDIUM· v3
3.5 LOW· v2
Jenkins Folder-based Authorization Strategy Plugin 1.3 and earlier does not escape the names of roles shown on the configuration form, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attacke...Show more
Jenkins Folder-based Authorization Strategy Plugin 1.3 and earlier does not escape the names of roles shown on the configuration form, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.Show less