cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-28679,https://securityvulnerability.io/vulnerability/CVE-2023-28679,Stored Cross-Site Scripting Vulnerability in Jenkins Mashup Portlets Plugin,"The Jenkins Mashup Portlets Plugin allows authenticated users with Overall/Read permission to inject malicious JavaScript through the 'Generic JS Portlet' feature. This results in a stored cross-site scripting vulnerability, enabling attackers to execute arbitrary scripts in the context of other users, which could lead to data theft or unauthorized actions in the application.",Jenkins,Jenkins Mashup Portlets Plugin,5.4,MEDIUM,0.0007699999841861427,false,,false,false,false,,,false,false,,2023-04-02T21:15:00.000Z,0
CVE-2019-10347,https://securityvulnerability.io/vulnerability/CVE-2019-10347,,Jenkins Mashup Portlets Plugin stored credentials unencrypted on the Jenkins master where they can be viewed by users with access to the master file system.,Jenkins,Jenkins Mashup Portlets Plugin,8.8,HIGH,0.0031799999997019768,false,,false,false,false,,,false,false,,2019-07-11T13:55:17.000Z,0