CVE-2021-43576
Summary : CVE-2021-43576 affects the Jenkins pom2config Plugin (versions 1.2 and earlier). The root cause is that the plugin does not configure its XML parser to disable XML External Entity (XXE) processing, allowing crafted XML to be parsed in Jenkins with insufficient access controls. Under the...