Testcomplete Support

testcomplete_support

Vendor: Jenkins • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-33002 1Jenkins 1Testcomplete Support Jan 23, 2025 May 16, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Jenkins TestComplete support Plugin 2.8.1 and earlier does not escape the TestComplete project name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
CVE-2023-24443 1Jenkins 1Testcomplete Support Apr 2, 2025 Jan 26, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2020-2209 1Jenkins 1Testcomplete Support Nov 21, 2024 Jul 2, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Jenkins TestComplete support Plugin 2.4.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master fil...Show more Jenkins TestComplete support Plugin 2.4.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.Show less