CVE-2023-24443
XML Entity Expansion in Jenkins TestComplete support Plugin in maven/org.jenkins-ci.plugins/TestComplete
Identifiers
CVE-2023-24443, GHSA-g5mj-c26g-vmpm
Package Slug
maven/org.jenkins-ci.plugins/TestComplete
Vulnerability
XML Entity Expansion in Jenkins TestComplete support Plugin
Description
Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
Affected Versions
All versions up to 2.8.1
Solution
Unfortunately, there is no solution available yet.
Last Modified
2023-01-27
| source |