cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-34182,https://securityvulnerability.io/vulnerability/CVE-2022-34182,Reflected Cross-Site Scripting Vulnerability in Jenkins Nested View Plugin,"The Nested View Plugin for Jenkins, versions 1.20 through 1.25, is vulnerable to reflected cross-site scripting (XSS) attacks due to improper escaping of search parameters. This vulnerability allows attackers to inject malicious scripts into the search fields, potentially leading to unauthorized actions on behalf of users. It is essential for Jenkins administrators to upgrade the plugin to a secure version to mitigate potential risks.",Jenkins,Jenkins Nested View Plugin,6.1,MEDIUM,0.0007300000288523734,false,,false,false,false,,,false,false,,2022-06-23T17:15:00.000Z,0
CVE-2021-21680,https://securityvulnerability.io/vulnerability/CVE-2021-21680,XML External Entity Vulnerability in Jenkins Nested View Plugin,"The Jenkins Nested View Plugin versions 1.20 and earlier suffer from an XML external entity (XXE) vulnerability, which occurs due to improper configuration of its XML transformer. This flaw allows attackers to exploit this vulnerability by crafting malicious XML input, potentially leading to unauthorized information disclosure or server-side request forgery (SSRF) attacks. It is crucial for users to upgrade to a later, patched version to mitigate the risks associated with this vulnerability.",Jenkins,Jenkins Nested View Plugin,7.1,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2021-08-31T13:50:18.000Z,0