CVE-2018-1000054
The vulnerability is in Jenkins CCM Plugin 3.1 and earlier, which processes XML external entities in files during the build. This XXE handling can allow attackers with Jenkins user permissions to extract secrets from the Jenkins master, perform server-side request forgery (SSRF), or cause denial-...