cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-34785,https://securityvulnerability.io/vulnerability/CVE-2022-34785,Improper Permission Management in Jenkins Build-Metrics Plugin,"The Jenkins Build-Metrics Plugin, versions 1.3 and prior, lacks adequate permission checks in several HTTP endpoints. This vulnerability permits users with Overall/Read permissions to access sensitive job information that should otherwise be restricted, potentially exposing critical data to unauthorized individuals.",Jenkins,Jenkins Build-metrics Plugin,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-06-30T17:46:40.000Z,0
CVE-2022-34784,https://securityvulnerability.io/vulnerability/CVE-2022-34784,Stored XSS Vulnerability in Jenkins Build-Metrics Plugin by Jenkins,"The Jenkins Build-Metrics Plugin version 1.3 contains a vulnerability where it fails to properly escape the build description in one of its views. This oversight can be exploited by users with Build or Update permissions, leading to a stored cross-site scripting (XSS) attack that could affect other users of the application. It is essential for users to update to a patched version to mitigate this risk.",Jenkins,Jenkins Build-metrics Plugin,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-06-30T17:46:33.000Z,0
CVE-2019-10475,https://securityvulnerability.io/vulnerability/CVE-2019-10475,,A reflected cross-site scripting vulnerability in Jenkins build-metrics Plugin allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin.,Jenkins,Jenkins Build-metrics Plugin,6.1,MEDIUM,0.9715999960899353,false,,false,false,true,2019-11-06T22:19:01.000Z,true,false,false,,2019-10-23T12:45:45.000Z,0