2 matches found
CVE-2022-45400
Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45400
Jenkins JAPEX Plugin (versions 1.7 and earlier) is vulnerable to an XML External Entity (XXE) attack because it does not configure its XML parser to prevent XXE. This is documented across multiple sources (CVE-2022-45400; GHSA-8538-25V4-25PG; NVD entry). The root cause is improper parser configur...