Vulnerabilities > Qualys > Policy Compliance

DATE CVE VULNERABILITY TITLE RISK
2024-01-09 CVE-2023-6148 Cross-site Scripting vulnerability in Qualys Policy Compliance 1.0.5
Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services.
network
low complexity
qualys CWE-79
5.4
2024-01-09 CVE-2023-6147 XXE vulnerability in Qualys Policy Compliance 1.0.5
Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services.
network
low complexity
qualys CWE-611
6.5