cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-2285,https://securityvulnerability.io/vulnerability/CVE-2020-2285,,A missing permission check in Jenkins Liquibase Runner Plugin 1.4.7 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.,Jenkins,Jenkins Liquibase Runner Plugin,4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2020-09-23T13:10:20.000Z,0
CVE-2020-2284,https://securityvulnerability.io/vulnerability/CVE-2020-2284,,Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.,Jenkins,Jenkins Liquibase Runner Plugin,7.1,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2020-09-23T13:10:20.000Z,0
CVE-2020-2283,https://securityvulnerability.io/vulnerability/CVE-2020-2283,,"Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not escape changeset contents, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users able to control changeset files evaluated by the plugin.",Jenkins,Jenkins Liquibase Runner Plugin,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2020-09-23T13:10:19.000Z,0