CVE-2025-64133

Summary

A cross-site request forgery (CSRF) vulnerability in Jenkins Extensible Choice Parameter Plugin 239.v5f5c278708cf and earlier allows attackers to execute sandboxed Groovy code.

Affected Software

VendorProductVersion RangeStatus
Jenkins ProjectJenkins Extensible Choice Parameter Plugin0 <= 239.v5f5c278708cfaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References