Jenkins RQM Plugin 2.8 and earlier does not configure its XML parser to prevent XML external entity (XXE)...
9.1CVSS
9.1AI Score
0.002EPSS
A missing check in Jenkins RQM Plugin 2.8 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in...
6.5CVSS
6.3AI Score
0.001EPSS
Jenkins RQM Plugin 2.8 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file...
6.5CVSS
6.4AI Score
0.001EPSS