Vulnerabilities (CVE)

Filtered by vendor Jenkins Subscribe
Filtered by product Xray - Test Management For Jira
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21653 1 Jenkins 1 Xray - Test Management For Jira 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier does not perform a permission check in an HTTP endpoint, allowing with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
CVE-2021-21652 1 Jenkins 1 Xray - Test Management For Jira 2024-11-21 5.8 MEDIUM 7.1 HIGH
A cross-site request forgery (CSRF) vulnerability in Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.