Jenkins Xebialabs Xl Deploy — known CVE vulnerabilities
Every CVE whose affected-product data names Jenkins Xebialabs Xl Deploy, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-21665 — CVSS 8.8 (high): A cross-site request forgery (CSRF) vulnerability in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers to connect to…
CVE-2019-10304 — CVSS 6.5 (medium): A cross-site request forgery vulnerability in Jenkins XebiaLabs XL Deploy Plugin in the Credential#doValidateUserNamePassword form…
CVE-2019-10305 — CVSS 6.5 (medium): A missing permission check in Jenkins XebiaLabs XL Deploy Plugin in the Credential#doValidateUserNamePassword form validation method allows…
CVE-2021-21664 — CVSS 6.5 (medium): An incorrect permission check in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers with Generic Create permission to…
CVE-2021-21662 — CVSS 4.3 (medium): A missing permission check in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers with Overall/Read permission to…
CVE-2021-21663 — CVSS 4.3 (medium): A missing permission check in Jenkins XebiaLabs XL Deploy Plugin 7.5.8 and earlier allows attackers with Overall/Read permission to connect…