6 matches found
GHSA-58CH-C2JF-5G23 Jenkins remote-jobs-view-plugin vulnerable to XML external entity attacks
Jenkins remote-jobs-view-plugin Plugin 0.0.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows authenticated attackers with Overall/Read permission to have Jenkins parse a crafted XML document that uses external entities for extraction of secret...
Jenkins remote-jobs-view-plugin vulnerable to XML external entity attacks
Jenkins remote-jobs-view-plugin Plugin 0.0.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows authenticated attackers with Overall/Read permission to have Jenkins parse a crafted XML document that uses external entities for extraction of secret...
CVE-2023-28684
CVE-2023-28684 affects Jenkins’ remote-jobs-view-plugin (versions 0.0.3 and earlier). The root cause is an XML parser not configured to prevent XML external entity (XXE) attacks. This vulnerability can be exploited by authenticated attackers with Overall/Read permission to have Jenkins parse craf...
CVE-2023-28684
Jenkins remote-jobs-view-plugin Plugin 0.0.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
Jenkins Plugins remote-jobs-view-plugin 代码问题漏洞
Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins Plugins remote-jobs-view-plugin 0.0.3 and earlier versions that stems from not...
PT-2023-21903 · Jenkins · Jenkins Remote-Jobs-View-Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins remote-jobs-view-plugin Plugin versions 0.0.3 and earlier Description: The issue is related to the XML parser not being configured to prevent XML external entity XXE attacks. This allows authenticated attackers with Overall/Read...