3 matches found
CVE-2020-2315
Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2020-2315
Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2020-2315
The CVE-2020-2315 issue affects Jenkins Visualworks Store Plugin versions 1.1.3 and earlier. The root cause is that the plugin’s XML parser does not disable XML External Entity (XXE) processing, enabling crafted XML to potentially reveal secrets from the Jenkins controller or facilitate SSRF-like...