2 matches found
CVE-2023-28685
Jenkins AbsInt a³ Plugin 1.1.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2023-28685
CVE-2023-28685 affects Jenkins AbsInt a³ Plugin (≤1.1.0). It does not configure its XML parser to prevent XML External Entity (XXE) attacks, enabling potential disclosure of secrets from the Jenkins controller via crafted XML. CVSSv3.1 base score 7.1 (HIGH): Network attack vector, LOW privileges ...