cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-34787,https://securityvulnerability.io/vulnerability/CVE-2022-34787,Cross-Site Scripting Flaw in Jenkins Project Inheritance Plugin,"The Jenkins Project Inheritance Plugin up to version 21.04.03 contains an XSS vulnerability where the reason for blocking a build is not properly escaped in tooltips. This flaw allows attackers who can control the reason a queue item is blocked to inject malicious scripts into the web interface, potentially compromising the security of the Jenkins environment and the data processed within.",Jenkins,Jenkins Inheritance Plugin,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-06-30T17:46:51.000Z,0
CVE-2020-2197,https://securityvulnerability.io/vulnerability/CVE-2020-2197,,Jenkins Project Inheritance Plugin 19.08.02 and earlier does not require users to have Job/ExtendedRead permission to access Inheritance Project job configurations in XML format.,Jenkins,Jenkins Inheritance Plugin,4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2020-06-03T12:40:26.000Z,0
CVE-2020-2198,https://securityvulnerability.io/vulnerability/CVE-2020-2198,,Jenkins Project Inheritance Plugin 19.08.02 and earlier does not redact encrypted secrets in the 'getConfigAsXML' API URL when transmitting job config.xml data to users without Job/Configure.,Jenkins,Jenkins Inheritance Plugin,6.5,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2020-06-03T12:40:26.000Z,0
CVE-2019-10407,https://securityvulnerability.io/vulnerability/CVE-2019-10407,,Jenkins Project Inheritance Plugin 2.0.0 and earlier displayed a list of environment variables passed to a build without masking sensitive variables contributed by the Mask Passwords Plugin.,Jenkins,Jenkins Inheritance Plugin,6.5,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2019-09-25T15:05:32.000Z,0
CVE-2019-10409,https://securityvulnerability.io/vulnerability/CVE-2019-10409,,A missing permission check in Jenkins Project Inheritance Plugin 2.0.0 and earlier allowed attackers with Overall/Read permission to trigger project generation from templates.,Jenkins,Jenkins Inheritance Plugin,4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2019-09-25T15:05:32.000Z,0
CVE-2019-10408,https://securityvulnerability.io/vulnerability/CVE-2019-10408,,A cross-site request forgery vulnerability in Jenkins Project Inheritance Plugin 2.0.0 and earlier allowed attackers to trigger project generation from templates.,Jenkins,Jenkins Inheritance Plugin,4.3,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2019-09-25T15:05:32.000Z,0