cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-29037,https://securityvulnerability.io/vulnerability/CVE-2022-29037,Stored Cross-Site Scripting Vulnerability in Jenkins CVS Plugin,"The Jenkins CVS Plugin prior to version 2.20 is susceptible to a stored cross-site scripting (XSS) vulnerability. This occurs due to inadequate escaping of the name and description of CVS Symbolic Name parameters in views. Attackers possessing Item/Configure permissions can exploit this flaw, potentially injecting malicious scripts into the application. When these scripts are executed, they can compromise user data and application integrity, leading to serious security concerns.",Jenkins,Jenkins Cvs Plugin,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-04-12T19:50:29.000Z,0
CVE-2020-2324,https://securityvulnerability.io/vulnerability/CVE-2020-2324,,Jenkins CVS Plugin 2.16 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.,Jenkins,Jenkins Cvs Plugin,7.5,HIGH,0.0014900000533089042,false,,false,false,false,,,false,false,,2020-12-03T15:55:16.000Z,0
CVE-2020-2184,https://securityvulnerability.io/vulnerability/CVE-2020-2184,,"A cross-site request forgery vulnerability in Jenkins CVS Plugin 2.15 and earlier allows attackers to create and manipulate tags, and to connect to an attacker-specified URL.",Jenkins,Jenkins Cvs Plugin,4.3,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2020-05-06T12:45:23.000Z,0