Lucene search
Jenkins Pom2config Plugin Security Vulnerabilities
cve
Jenkins pom2config Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks, allowing attackers with Overall/Read and Item/Read permissions to have Jenkins parse a crafted XML file that uses external entities for extraction of secrets from the Jenkins...
6.5CVSS
6.3AI Score
0.005EPSS
2021-11-12 11:15 AM
37