7 matches found
CVE-2020-2315
Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
GHSA-JVJM-J945-8QWC XXE vulnerability in Jenkins Visualworks Store Plugin
Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers with the ability to control the output of a script that run Visualworks with StoreCI, or able to control an agent process, to have Jenkins parse a...
XXE vulnerability in Jenkins Visualworks Store Plugin
Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers with the ability to control the output of a script that run Visualworks with StoreCI, or able to control an agent process, to have Jenkins parse a...
CVE-2020-2315
Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
Xxe
Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2020-2315
Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2020-2315
The CVE-2020-2315 issue affects Jenkins Visualworks Store Plugin versions 1.1.3 and earlier. The root cause is that the plugin’s XML parser does not disable XML External Entity (XXE) processing, enabling crafted XML to potentially reveal secrets from the Jenkins controller or facilitate SSRF-like...