Required CVE Record Information
Description
Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 2 Total
- https://jenkins.io/security/advisory/2020-04-16/#SECURITY-1753 x_transferred
- openwall.com: [oss-security] 20200416 Multiple vulnerabilities in Jenkins plugins mailing-listx_transferred