cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-33002,https://securityvulnerability.io/vulnerability/CVE-2023-33002,Stored XSS Vulnerability in Jenkins TestComplete Support Plugin,"The Jenkins TestComplete Support Plugin versions 2.8.1 and prior are susceptible to a stored cross-site scripting (XSS) vulnerability. This flaw occurs due to the improper escaping of the TestComplete project name, allowing attackers who have Item/Configure permissions to exploit the vulnerability. This could potentially result in the execution of malicious scripts in the context of the user's session.",Jenkins,Jenkins Testcomplete Support Plugin,5.4,MEDIUM,0.000699999975040555,false,,false,false,false,,,false,false,,2023-05-16T17:15:00.000Z,0
CVE-2023-24443,https://securityvulnerability.io/vulnerability/CVE-2023-24443,XML External Entity Vulnerability in Jenkins TestComplete Support Plugin,"The Jenkins TestComplete Support Plugin, versions 2.8.1 and earlier, fails to properly configure its XML parser, which exposes applications to XML External Entity (XXE) attacks. This vulnerability allows attackers to exploit the XML parser by injecting malicious XML input that can lead to unauthorized access to sensitive data and potentially allow for further exploits against the server.",Jenkins,Jenkins TestComplete support Plugin,9.8,CRITICAL,0.0020099999383091927,false,,false,false,false,,,false,false,,2023-01-26T21:18:00.000Z,0
CVE-2020-2209,https://securityvulnerability.io/vulnerability/CVE-2020-2209,,"Jenkins TestComplete support Plugin 2.4.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.",Jenkins,Jenkins Testcomplete Support Plugin,4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2020-07-02T14:55:36.000Z,0