cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-35143,https://securityvulnerability.io/vulnerability/CVE-2023-35143,Stored Cross-Site Scripting in Jenkins Maven Repository Server Plugin,"The Jenkins Maven Repository Server Plugin, specifically versions prior to 1.10, contains a stored cross-site scripting (XSS) vulnerability that occurs due to the failure to escape build artifact versions on the Build Artifacts As Maven Repository page. This security issue allows potential attackers to exploit the vulnerability by controlling Maven project versions specified in the 'pom.xml' file, leading to malicious scripts being executed in the context of unsuspecting users.",Jenkins,Jenkins Maven Repository Server Plugin,5.4,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2023-06-14T13:15:00.000Z,0
CVE-2023-35144,https://securityvulnerability.io/vulnerability/CVE-2023-35144,Stored Cross-Site Scripting Vulnerability in Jenkins Maven Repository Server Plugin by Jenkins,"The Jenkins Maven Repository Server Plugin prior to version 1.11 is susceptible to stored cross-site scripting (XSS) attacks due to improper escaping of user inputs. This vulnerability allows attackers to execute arbitrary JavaScript in the context of users viewing the affected Build Artifacts As Maven Repository page, potentially compromising user data and session integrity. Immediate updates to the plugin are recommended to mitigate these risks. For more details, visit the Jenkins Security Advisory.",Jenkins,Jenkins Maven Repository Server Plugin,5.4,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2023-06-14T13:15:00.000Z,0