Known Vulnerabilities
CVE-2023-32980
A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an attacker-specified job.
UNKNOWN
CVSS 4.3
Published May 16, 2023
CVE-2023-32979
Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system.
UNKNOWN
CVSS 4.3
Published May 16, 2023