3 matches found
GHSA-G6H2-4X64-C59X Improper Restriction of XML External Entity Reference Jenkins Token Macro Plugin
An XML external entities XXE vulnerability in Jenkins Token Macro Plugin 2.7 and earlier allowed attackers able to control a the content of the input file for the "XML" macro to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins agent, server-side...
jenkins-plugin-token-macro: XML External Entity processing the ${XML} macro
An XML external entities XXE vulnerability in Jenkins Token Macro Plugin 2.7 and earlier allowed attackers able to control a the content of the input file for the "XML" macro to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins agent, server-side...
CVE-2019-10337
An XML external entities XXE vulnerability in Jenkins Token Macro Plugin 2.7 and earlier allowed attackers able to control a the content of the input file for the "XML" macro to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins agent, server-side...