cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-41239,https://securityvulnerability.io/vulnerability/CVE-2022-41239,Stored Cross-Site Scripting Vulnerability in Jenkins DotCi Plugin by Jenkins,"The Jenkins DotCi Plugin versions prior to 2.40.00 are affected by a stored cross-site scripting vulnerability. This issue arises from the failure to properly escape the GitHub user name parameter in commit notifications, which allows an attacker to inject malicious scripts that are stored and later executed in a user's browser context. This can lead to unauthorized actions, data theft, and overall compromised user experience. It is essential for users to update to the latest version of the plugin to mitigate this risk.",Jenkins,Jenkins Dotci Plugin,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-09-21T15:45:58.000Z,0
CVE-2022-41238,https://securityvulnerability.io/vulnerability/CVE-2022-41238,Unauthenticated Build Trigger Vulnerability in Jenkins DotCi Plugin,"The Jenkins DotCi Plugin prior to version 2.40.00 contains a vulnerability that permits unauthenticated attackers to initiate builds of jobs associated with any repository by specifying an arbitrary commit. This weakness arises from a lack of adequate permission checks, allowing malicious users to exploit this flaw for executing unauthorized build processes.",Jenkins,Jenkins Dotci Plugin,9.8,CRITICAL,0.002400000113993883,false,,false,false,false,,,false,false,,2022-09-21T15:45:57.000Z,0
CVE-2022-41237,https://securityvulnerability.io/vulnerability/CVE-2022-41237,Remote Code Execution Vulnerability in Jenkins DotCi Plugin,"The Jenkins DotCi Plugin prior to version 2.40.00 is vulnerable due to improper configuration of its YAML parser, which allows the instantiation of arbitrary types. This oversight can be exploited to execute remote code, potentially compromising the security of Jenkins installations using this plugin.",Jenkins,Jenkins Dotci Plugin,9.8,CRITICAL,0.00535999983549118,false,,false,false,false,,,false,false,,2022-09-21T15:45:56.000Z,0