4 matches found
CVE-2021-21680
Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks...
CVE-2021-21680
Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks...
CVE-2021-21680
CVE-2021-21680 : Jenkins Nested View Plugin (versions ≤ 1.20) does not configure its XML transformer to disable external entity resolution, enabling XXE attacks via crafted view XML. Public references (OSV, Red Hat, GHSA) indicate that starting with version 1.21 Jenkins disables external entity r...
CVE-2021-21680
Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks...