Shodan
Vulnerabilities
Vulnerable Software
Jenkins:  >> Icescrum  >> 1.1.5  Security Vulnerabilities
CVE-2024-28160
Jenkins iceScrum Plugin 1.1.6 and earlier does not sanitize iceScrum project URLs on build views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure jobs.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-03-06
CVE-2019-10441
A cross-site request forgery vulnerability in Jenkins iceScrum Plugin 1.1.5 and earlier allowed attackers to connect to an attacker-specified URL using attacker-specified credentials.
CVSS Score
4.3
EPSS Score
0.003
Published
2019-10-16
CVE-2019-10442
A missing permission check in Jenkins iceScrum Plugin 1.1.5 and earlier allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.
CVSS Score
4.3
EPSS Score
0.0
Published
2019-10-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved