Vulnerabilities > Jenkins > Rapiddeploy > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-25 | CVE-2020-2170 | Cross-site Scripting vulnerability in Jenkins Rapiddeploy Jenkins RapidDeploy Plugin 4.2 and earlier does not escape package names in the table of packages obtained from a remote server, resulting in a stored XSS vulnerability. | 5.4 |
2019-12-17 | CVE-2019-16571 | Missing Authorization vulnerability in Jenkins Rapiddeploy A missing permission check in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server. | 4.3 |