Vulnerabilities > Jenkins > Parameterized Trigger > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-03-15 CVE-2022-27195 Unspecified vulnerability in Jenkins Parameterized Trigger
Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their `build.xml` files.
local
low complexity
jenkins
5.5
2017-10-05 CVE-2017-1000084 Incorrect Default Permissions vulnerability in Jenkins Parameterized Trigger
Parameterized Trigger Plugin fails to check Item/Build permission: The Parameterized Trigger Plugin did not check the build authentication it was running as and allowed triggering any other project in Jenkins.
network
low complexity
jenkins CWE-276
4.0