← Back

Xray Test Management For Jira

xray_-_test_management_for_jira

Vendor: Jenkins • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-21653
1Jenkins
1Xray Test Management For Jira
Jun 17, 2026
May 11, 2021
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier does not perform a permission check in an HTTP endpoint, allowing with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkin...Show more
Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier does not perform a permission check in an HTTP endpoint, allowing with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.Show less
CVE-2021-21652
1Jenkins
1Xray Test Management For Jira
Jun 17, 2026
May 11, 2021
N/A· v4
7.1 HIGH· v3
5.8 MEDIUM· v2
A cross-site request forgery (CSRF) vulnerability in Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obta...Show more
A cross-site request forgery (CSRF) vulnerability in Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.Show less