cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-43412,https://securityvulnerability.io/vulnerability/CVE-2022-43412,Improper Token Validation in Jenkins Generic Webhook Trigger Plugin,"The Generic Webhook Trigger Plugin for Jenkins versions up to 1.84.1 is vulnerable due to its use of a non-constant time comparison function for validating webhook tokens. This flaw could allow attackers to exploit the timing discrepancies inherent in the comparison process, potentially enabling them to deduce valid webhook tokens through statistical analysis. Such an exploit could facilitate unauthorized actions within Jenkins, making it critical for users to update their plugins and mitigate associated risks.",Jenkins,Jenkins Generic Webhook Trigger Plugin,5.3,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2022-10-19T00:00:00.000Z,0
CVE-2022-25185,https://securityvulnerability.io/vulnerability/CVE-2022-25185,Stored Cross-Site Scripting Vulnerability in Jenkins Generic Webhook Trigger Plugin,"The Jenkins Generic Webhook Trigger Plugin versions up to 1.81 do not properly escape the build cause when a webhook is triggered. This oversight introduces a stored cross-site scripting (XSS) vulnerability that can be exploited by attackers who have Item/Configure permissions. Success in exploiting this flaw allows malicious scripts to be executed in the context of users accessing the affected Jenkins instance, potentially compromising sensitive data and user interactions.",Jenkins,Jenkins Generic Webhook Trigger Plugin,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-02-15T16:11:10.000Z,0
CVE-2021-21669,https://securityvulnerability.io/vulnerability/CVE-2021-21669,,Jenkins Generic Webhook Trigger Plugin 1.72 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.,Jenkins,Jenkins Generic Webhook Trigger Plugin,9.8,CRITICAL,0.0021100000012665987,false,,false,false,false,,,false,false,,2021-06-18T09:25:10.000Z,0