VYPR

Plugin Security Scanner

by Glen Scott

CVEs (2)

  • CVE-2025-57950MedSep 22, 2025
    Glen Scott
    Plugin Security Scanner
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Glen Scott Plugin Security Scanner plugin-security-scanner allows Stored XSS.This issue affects Plugin Security Scanner: from n/a through <= 2.0.2.

  • CVE-2025-53653Jul 9, 2025
    Glen Scott
    Plugin Security Scanner
    risk 0.00cvss epss 0.00

    Jenkins Aqua Security Scanner Plugin 3.2.8 and earlier stores Scanner Tokens for Aqua API unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.