cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-24454,https://securityvulnerability.io/vulnerability/CVE-2023-24454,Unencrypted Password Storage in Jenkins TestQuality Updater Plugin by Jenkins,"The Jenkins TestQuality Updater Plugin, version 1.3 and earlier, poses a significant security risk by storing the TestQuality Updater password in an unencrypted format within the global configuration file on the Jenkins controller. This configuration file can be accessed by any user with permissions to the Jenkins controller's filesystem, potentially exposing sensitive credentials. It is critical for users to upgrade to versions with enhanced security measures to safeguard their systems.",Jenkins,Jenkins TestQuality Updater Plugin,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-01-26T21:18:00.000Z,0
CVE-2023-24452,https://securityvulnerability.io/vulnerability/CVE-2023-24452,Cross-Site Request Forgery in Jenkins TestQuality Updater Plugin,"The Jenkins TestQuality Updater Plugin has a cross-site request forgery (CSRF) vulnerability that allows attackers to send unauthorized requests. This can lead to the execution of actions on behalf of an authenticated user without their consent. Specifically, the vulnerability enables attackers to connect to an attacker-specified URL using arbitrary credentials provided by the attacker, potentially compromising sensitive data and access.",Jenkins,Jenkins TestQuality Updater Plugin,8.8,HIGH,0.000750000006519258,false,,false,false,false,,,false,false,,2023-01-26T21:18:00.000Z,0
CVE-2023-24453,https://securityvulnerability.io/vulnerability/CVE-2023-24453,Unauthorized Access Vulnerability in Jenkins TestQuality Updater Plugin,"A security flaw in the Jenkins TestQuality Updater Plugin 1.3 and earlier enables attackers with Overall/Read permissions to exploit the system. Because of a missing check, the vulnerability allows these unauthorized users to connect to any specified URL using arbitrary credentials. This could facilitate sensitive information exposure or further exploitation of the Jenkins environment.",Jenkins,Jenkins TestQuality Updater Plugin,6.5,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2023-01-26T21:18:00.000Z,0