CVE-2022-28154
CVE-2022-28154 affects the Jenkins Coverage/Complexity Scatter Plot Plugin (version 1.1.1 and earlier). The root cause is that the plugin’s XML parser is not configured to prevent XML external entity (XXE) attacks. This can allow an attacker who can provide crafted input files to cause XXE proces...