cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-30519,https://securityvulnerability.io/vulnerability/CVE-2023-30519,Unauthorized Build Trigger in Jenkins Quay.io Trigger Plugin by Jenkins,"A vulnerability exists in the Jenkins Quay.io Trigger Plugin versions 0.1 and earlier, where a missing permission check allows unauthenticated attackers to initiate builds on jobs linked to any repository of their choosing. This oversight can lead to unauthorized executions and potential disruptions to the CI/CD pipeline. It highlights the critical need for stringent permission checks in plugins to maintain the integrity of automated build systems.",Jenkins,Jenkins Quay.io trigger Plugin,5.3,MEDIUM,0.0008500000112690032,false,,false,false,false,,,false,false,,2023-04-12T18:15:00.000Z,0
CVE-2023-30520,https://securityvulnerability.io/vulnerability/CVE-2023-30520,Stored XSS Vulnerability in Jenkins Quay.io Trigger Plugin,"The Jenkins Quay.io Trigger Plugin prior to version 0.2 allows attackers to exploit a stored cross-site scripting (XSS) vulnerability due to insufficient URL scheme restrictions for repository homepage URLs. This issue can be triggered by submitting a maliciously crafted payload via Quay.io trigger webhooks, potentially compromising the security of systems integrating with this plugin.",Jenkins,Jenkins Quay.io trigger Plugin,5.4,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2023-04-12T18:15:00.000Z,0