4 matches found
CVE-2022-28155
Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-28155
Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-28155
Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-28155
CVE-2022-28155 concerns the Jenkins Pipeline: Phoenix AutoTest Plugin (versions 1.3 and earlier). The vulnerability arises because the plugin’s XML parser is not configured to prevent XML external entity (XXE) attacks. Attackers able to supply crafted XML inputs to build steps such as readXml/wri...