cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-35145,https://securityvulnerability.io/vulnerability/CVE-2023-35145,Stored Cross-Site Scripting Flaw in Jenkins Sonargraph Integration Plugin,"The Jenkins Sonargraph Integration Plugin allows for a stored cross-site scripting vulnerability due to inadequate escaping of the file path and project name fields within the Log file field form validation. This oversight enables attackers with Item/Configure permissions to exploit the vulnerability, potentially leading to malicious script execution in the context of users who interact with the affected functionality.",Jenkins,Jenkins Sonargraph Integration Plugin,5.4,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2023-06-14T13:15:00.000Z,0
CVE-2020-2201,https://securityvulnerability.io/vulnerability/CVE-2020-2201,,"Jenkins Sonargraph Integration Plugin 3.0.0 and earlier does not escape the file path for the Log file field form validation, resulting in a stored cross-site scripting vulnerability.",Jenkins,Jenkins Sonargraph Integration Plugin,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2020-07-02T14:55:32.000Z,0