Skip to main content

Testcomplete Support

3 CVEs product

Monthly

CVE-2023-33002 Maven MEDIUM This Month

Jenkins TestComplete support Plugin 2.8.1 and earlier does not escape the TestComplete project name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XSS Testcomplete Support
NVD
CVSS 3.1
5.4
EPSS
2.4%
CVE-2023-24443 Maven CRITICAL PATCH Act Now

Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins XXE Testcomplete Support
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2020-2209 Maven MEDIUM PATCH This Month

Jenkins TestComplete support Plugin 2.4.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Testcomplete Support
NVD
CVSS 3.1
4.3
EPSS
0.7%
EPSS 2% CVSS 5.4
MEDIUM This Month

Jenkins TestComplete support Plugin 2.8.1 and earlier does not escape the TestComplete project name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XSS Testcomplete Support
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins XXE Testcomplete Support
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Jenkins TestComplete support Plugin 2.4.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Testcomplete Support
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy