cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-34202,https://securityvulnerability.io/vulnerability/CVE-2022-34202,Jenkins EasyQA Plugin Stores User Passwords Unencrypted,"The Jenkins EasyQA Plugin prior to version 1.1 is susceptible to a vulnerability where user passwords are stored in an unencrypted format within the global configuration file. This presents a significant risk, as unauthorized users with access to the Jenkins controller file system can easily view sensitive credentials. It is essential for users of this plugin to take immediate action to secure their installations and consider upgrading to a patched version.",Jenkins,Jenkins Easyqa Plugin,6.5,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-06-23T17:15:00.000Z,0
CVE-2022-34204,https://securityvulnerability.io/vulnerability/CVE-2022-34204,Unauthorized Access Vulnerability in Jenkins EasyQA Plugin by Jenkins,The Jenkins EasyQA Plugin has a vulnerability due to a missing permission check that permits users with Overall/Read access to connect to any specified HTTP server. This could allow attackers to manipulate requests or gather sensitive information from the attacked server. It is crucial for users of the EasyQA Plugin version 1.0 and earlier to review their security settings and implement necessary updates to mitigate the risk associated with this vulnerability.,Jenkins,Jenkins Easyqa Plugin,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-06-23T17:15:00.000Z,0
CVE-2022-34203,https://securityvulnerability.io/vulnerability/CVE-2022-34203,Cross-Site Request Forgery Vulnerability in Jenkins EasyQA Plugin,"The Jenkins EasyQA Plugin version 1.0 and earlier contains a cross-site request forgery (CSRF) vulnerability that allows an attacker to craft malicious requests. If an unsuspecting user is authenticated and navigates to a malicious web page, the attacker could exploit this flaw to connect to an attacker-controlled HTTP server, potentially leading to unauthorized actions or data exposure.",Jenkins,Jenkins Easyqa Plugin,8.8,HIGH,0.000750000006519258,false,,false,false,false,,,false,false,,2022-06-23T17:15:00.000Z,0