4 matches found
CVE-2020-2144
Jenkins Rundeck Plugin 3.6.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2020-2144
Jenkins Rundeck Plugin 3.6.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2020-2144
Summary: CVE-2020-2144 affects the Jenkins Rundeck Plugin, version 3.6.6 and earlier. The underlying issue is that the plugin’s XML parser does not disable XML External Entity (XXE) processing, which can enable a user with read access to submit crafted XML that leverages external entities, potent...
CVE-2020-2144
Jenkins Rundeck Plugin 3.6.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...