cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-46688,https://securityvulnerability.io/vulnerability/CVE-2022-46688,Cross-Site Request Forgery Vulnerability in Jenkins Sonar Gerrit Plugin by Jenkins,"A cross-site request forgery vulnerability exists in the Jenkins Sonar Gerrit Plugin versions up to 377.v8f3808963dc5. This flaw enables attackers to compel Jenkins to connect to an arbitrary Gerrit server, using user-defined credential IDs. Such exploitation could lead to unauthorized access and potential compromise of sensitive credentials stored within Jenkins.",Jenkins,Jenkins Sonar Gerrit Plugin,6.5,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2022-12-12T09:15:00.000Z,0
CVE-2019-10467,https://securityvulnerability.io/vulnerability/CVE-2019-10467,,"Jenkins Sonar Gerrit Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.",Jenkins,Jenkins Sonar Gerrit Plugin,6.5,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2019-10-23T12:45:41.000Z,0