cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-43425,https://securityvulnerability.io/vulnerability/CVE-2022-43425,Stored Cross-Site Scripting Vulnerability in Jenkins Custom Checkbox Parameter Plugin,"The Jenkins Custom Checkbox Parameter Plugin versions 1.4 and earlier are prone to a stored cross-site scripting (XSS) vulnerability. This occurs due to the lack of proper escaping for the name and description fields of Custom Checkbox Parameter parameters on views that display these parameters. Attackers with 'Item/Configure' permissions can exploit this vulnerability to inject malicious scripts, potentially compromising sensitive data and impacting user sessions.",Jenkins,Jenkins Custom Checkbox Parameter Plugin,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-10-19T00:00:00.000Z,0
CVE-2022-25189,https://securityvulnerability.io/vulnerability/CVE-2022-25189,Stored Cross-Site Scripting Vulnerability in Jenkins Custom Checkbox Parameter Plugin,"The Custom Checkbox Parameter Plugin for Jenkins versions 1.1 and earlier contains a stored cross-site scripting vulnerability due to the improper handling of parameter names for custom checkbox parameters. This flaw allows attackers with Item/Configure permissions to inject malicious scripts into the application, which could lead to unauthorized actions and exposure of sensitive information. It is essential for users of this plugin to apply patches or updates to mitigate the risk associated with this vulnerability.",Jenkins,Jenkins Custom Checkbox Parameter Plugin,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-02-15T16:11:15.000Z,0