Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.19 views

EUVD-2021-1403

Malware in sbrugna...

7.1CVSS6.8AI score0.00642EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-1263

Malware in sbrugna...

4.3CVSS4.6AI score0.00865EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 9:30 p.m.7 views

CVE-2021-21652

A cross-site request forgery CSRF vulnerability in Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

7.1CVSS6.6AI score0.00642EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:11 p.m.11 views

CVE-2021-21653

Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier does not perform a permission check in an HTTP endpoint, allowing with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS6.5AI score0.00865EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2021/06/16 5:28 p.m.57 views

CSRF vulnerability in Jenkins Xray - Test Management for Jira Plugin allows capturing credentials

Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier does not require POST requests for a connection test method, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to connect to an attacker-specified URL using attacker-specified...

7.1CVSS6.5AI score0.00642EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2021/05/11 3:15 p.m.50 views

CVE-2021-21652

A cross-site request forgery CSRF vulnerability in Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

7.1CVSS0.00642EPSS
Exploits0References1
OSV
OSV
added 2021/05/11 3:15 p.m.28 views

CVE-2021-21653

Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier does not perform a permission check in an HTTP endpoint, allowing with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS6.5AI score
Exploits0References1
NVD
NVD
added 2021/05/11 3:15 p.m.24 views

CVE-2021-21653

Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier does not perform a permission check in an HTTP endpoint, allowing with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS0.00865EPSS
Exploits0References1
Prion
Prion
added 2021/05/11 3:15 p.m.14 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

5.8CVSS6.9AI score0.00642EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/05/11 2:15 p.m.47 views

CVE-2021-21652

A cross-site request forgery CSRF vulnerability in Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

7.1AI score0.00642EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/05/11 12:0 a.m.5 views

PT-2021-14696 · Jenkins · Jenkins Xray - Test Management For Jira Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Xray - Test Management for Jira Plugin versions 2.4.0 and earlier Description: The issue concerns a lack of permission check in an HTTP endpoint, allowing users with Overall/Read permission to enumerate credentials IDs of credentials...

4.3CVSS4.2AI score0.00865EPSS
Exploits0References5
Rows per page
Query Builder