Vulnerabilities > Qualys > Policy Compliance > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2023-6148 | Cross-site Scripting vulnerability in Qualys Policy Compliance 1.0.5 Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. | 5.4 |
| 2024-01-09 | CVE-2023-6147 | XXE vulnerability in Qualys Policy Compliance 1.0.5 Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. | 6.5 |