cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-30525,https://securityvulnerability.io/vulnerability/CVE-2023-30525,Cross-Site Request Forgery Vulnerability in Jenkins Report Portal Plugin,"A CSRF vulnerability exists in the Jenkins Report Portal Plugin, version 0.5 and earlier, allowing attackers to manipulate user requests to connect to an attacker-specified URL. This vulnerability permits the use of a bearer token authentication method specified by the attacker, which could lead to unauthorized actions being performed on behalf of a user without their consent. Users of the affected plugin should be aware of this security risk and apply necessary mitigations as detailed in the Jenkins security advisory.",Jenkins,Jenkins Report Portal Plugin,8.8,HIGH,0.004879999905824661,false,,false,false,false,,,false,false,,2023-04-12T18:15:00.000Z,0
CVE-2023-30526,https://securityvulnerability.io/vulnerability/CVE-2023-30526,Permission Check Flaw in Jenkins Report Portal Plugin by Jenkins,"A vulnerability exists in the Jenkins Report Portal Plugin prior to version 0.5, where a missing permission check enables attackers with Overall/Read permissions to connect to user-specified URLs using bearer token authentication. This flaw can potentially be exploited to access unauthorized information or perform actions that should not be permitted, posing a risk to the integrity and confidentiality of user data.",Jenkins,Jenkins Report Portal Plugin,6.5,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2023-04-12T18:15:00.000Z,0
CVE-2023-30523,https://securityvulnerability.io/vulnerability/CVE-2023-30523,Unencrypted Token Storage in Jenkins Report Portal Plugin by Jenkins,"The Jenkins Report Portal Plugin versions up to 0.5 are susceptible to security breaches due to the improper storage of ReportPortal access tokens. These tokens are stored unencrypted within the job config.xml files on the Jenkins controller, making them accessible to users with Item/Extended Read permission or direct access to the Jenkins file system. This security lapse can lead to unauthorized access and potential compromise of sensitive data.",Jenkins,Jenkins Report Portal Plugin,4.3,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2023-04-12T18:15:00.000Z,0
CVE-2023-30524,https://securityvulnerability.io/vulnerability/CVE-2023-30524,Access Token Exposure in Jenkins Report Portal Plugin by Jenkins,"The Jenkins Report Portal Plugin versions 0.5 and earlier are susceptible to a vulnerability where access tokens are displayed unmasked on the configuration form. This oversight allows potential attackers to observe and capture sensitive tokens, thus compromising user security and API integrity. It is crucial for users of the affected plugin to take necessary steps to mitigate exposure by updating to a patched version.",Jenkins,Jenkins Report Portal Plugin,4.3,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2023-04-12T18:15:00.000Z,0