PT-2020-15382 · Jenkins · Jenkins Code Coverage Api Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Code Coverage API Plugin versions 1.1.4 and earlier Description: The issue allows a user who can control the input files for the "Publish Coverage Report" post-build step to have Jenkins parse a crafted file that uses external entitie...