Lucene search
JenkinsZephyr Enterprise Test Management
3 matches found
CVE-2020-2145
Jenkins Zephyr Enterprise Test Management Plugin 1.9.1 and earlier stores its Zephyr password in plain text on the Jenkins master file system.
5.5CVSS5.5AI score0.00011EPSS
CVE-2019-1003085
A missing permission check in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.
6.5CVSS6.2AI score0.00084EPSS
CVE-2019-1003084
A cross-site request forgery vulnerability in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server.
6.5CVSS6.3AI score0.00156EPSS