cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2025-24401,https://securityvulnerability.io/vulnerability/CVE-2025-24401,Authorization Flaw in Jenkins Folder-based Authorization Strategy Plugin by CloudBees,"The Jenkins Folder-based Authorization Strategy Plugin, up to version 217.vd5b_18537403e, fails to properly verify that the permissions granted to users are still valid. This flaw may enable users who previously held specific permissions, including optional ones like Overall/Manage, to retain access to functions they should no longer be entitled to. This behavior poses a significant risk as it can lead to unauthorized access and potential exploitation of sensitive functionalities.",Jenkins,Jenkins Folder-based Authorization Strategy Plugin,6.8,MEDIUM,0.0004299999854993075,false,,false,false,false,false,false,false,2025-01-22T17:02:54.209Z,0
CVE-2022-27200,https://securityvulnerability.io/vulnerability/CVE-2022-27200,,"Jenkins Folder-based Authorization Strategy Plugin 1.3 and earlier does not escape the names of roles shown on the configuration form, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.",Jenkins,Jenkins Folder-based Authorization Strategy Plugin,4.8,MEDIUM,0.0005000000237487257,false,,false,false,false,,false,false,2022-03-15T16:45:45.000Z,0