CVE-2022-46682

CVE-2022-46682 affects Jenkins Plot Plugin 2.1.11 and earlier. The root cause is that the plugin’s XML parser did not disable external entity resolution, enabling XXE attacks. Impact is high (CVE metrics show critical severity with potential confidentiality, integrity, and availability impacts). ...