cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-25761,https://securityvulnerability.io/vulnerability/CVE-2023-25761,Stored Cross-Site Scripting Vulnerability in Jenkins JUnit Plugin,"The Jenkins JUnit Plugin prior to version 1166.va_436e268e972 is susceptible to a stored cross-site scripting vulnerability due to improper escaping of test case class names in JavaScript expressions. This vulnerability allows attackers, who can manipulate the test case class names within the JUnit resources processed by the plugin, to execute arbitrary JavaScript in the context of a user's session. This could lead to unauthorized actions, data theft, or further exploitation of the affected system.",Jenkins,Jenkins JUnit Plugin,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2023-02-15T00:00:00.000Z,0
CVE-2022-45380,https://securityvulnerability.io/vulnerability/CVE-2022-45380,Stored Cross-Site Scripting in Jenkins JUnit Plugin by Jenkins,"The Jenkins JUnit Plugin prior to version 1159.v0b_396e1e07dd contains a vulnerability that allows attackers with Item/Configure permission to inject malicious scripts through test report output. This issue arises from the plugin's improper handling of HTTP(S) URLs, converting them to clickable links without adequate sanitization, thus exposing users to potential exploits. It is crucial for administrators to assess and upgrade their systems accordingly to prevent unauthorized access and maintain the integrity of the Jenkins environment.",Jenkins,Jenkins Junit Plugin,5.4,MEDIUM,0.001560000004246831,false,,false,false,false,,,false,false,,2022-11-15T00:00:00.000Z,0
CVE-2022-34176,https://securityvulnerability.io/vulnerability/CVE-2022-34176,Stored Cross-Site Scripting in Jenkins JUnit Plugin by Jenkins,"The Jenkins JUnit Plugin suffers from a stored cross-site scripting (XSS) vulnerability because it fails to properly escape the descriptions of test results. This security flaw can be exploited by attackers who possess Run or Update permissions, potentially allowing them to inject malicious scripts into the web application. This could lead to unauthorized actions or information disclosure, compromising the integrity and security of affected Jenkins instances.",Jenkins,Jenkins Junit Plugin,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-06-23T17:15:00.000Z,0