CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
21.3%
External Monitor Job Type Plugin is vulnerable to XML External Entity (XXE) Attacks. The vulnerability exists because it does not properly configure the XML parser which allows an attacker with Item/Build permission to parse a crafted HTTP request with XML data, resulting in external entity (XXE) attacks.