cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-34183,https://securityvulnerability.io/vulnerability/CVE-2022-34183,Stored Cross-Site Scripting Vulnerability in Jenkins Agent Server Parameter Plugin,"The Jenkins Agent Server Parameter Plugin allows attackers to exploit a stored cross-site scripting (XSS) vulnerability due to improper escaping of the name and description of Agent Server parameters in views. This flaw can be leveraged by users with Item/Configure permission, enabling malicious scripts to be executed in the context of other users, potentially leading to unauthorized actions and data exposure.",Jenkins,Jenkins Agent Server Parameter Plugin,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-06-23T17:15:00.000Z,0
CVE-2022-25191,https://securityvulnerability.io/vulnerability/CVE-2022-25191,Stored Cross-Site Scripting Vulnerability in Jenkins Agent Server Parameter Plugin,"The Jenkins Agent Server Parameter Plugin, up to version 1.0, is susceptible to a stored cross-site scripting (XSS) vulnerability. This flaw arises from the failure to properly escape parameter names in agent server parameters. Consequently, an attacker with Item/Configure permission may exploit this vulnerability to inject malicious scripts, potentially compromising user data and applications. It underscores the importance of securing plugins and validating inputs to prevent such security breaches.",Jenkins,Jenkins Agent Server Parameter Plugin,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-02-15T16:11:18.000Z,0