cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-32984,https://securityvulnerability.io/vulnerability/CVE-2023-32984,Stored Cross-Site Scripting in Jenkins TestNG Results Plugin,"The Jenkins TestNG Results Plugin prior to version 730.v4c5283037693 has a stored cross-site scripting (XSS) vulnerability. This issue arises because the plugin does not properly escape certain values parsed from TestNG report files, allowing attackers to craft malicious report files. When these files are displayed on the plugin’s test information pages, an attacker could potentially execute arbitrary JavaScript in the context of an authenticated Jenkins user, leading to the compromise of sensitive information.",Jenkins,Jenkins Testng Results Plugin,5.4,MEDIUM,0.000699999975040555,false,,false,false,false,,,false,false,,2023-05-16T16:15:00.000Z,0
CVE-2022-34778,https://securityvulnerability.io/vulnerability/CVE-2022-34778,Cross-Site Scripting Vulnerability in Jenkins TestNG Results Plugin,"The TestNG Results Plugin for Jenkins, version 554.va4a552116332 and earlier, is susceptible to a cross-site scripting (XSS) vulnerability. This issue arises when unescaped test descriptions and exception messages are rendered in job results, particularly when specific job-level options are enabled. Attackers with the ability to configure jobs or manipulate test outcomes could exploit this weakness to inject malicious scripts, potentially compromising the integrity of the application and affecting users.",Jenkins,Jenkins Testng Results Plugin,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-06-30T17:45:59.000Z,0