CVE-2020-2298
Improper Restriction of XML External Entity Reference in maven/org.jenkins-ci.plugins/nerrvana-plugin
Identifiers
CVE-2020-2298
Package Slug
maven/org.jenkins-ci.plugins/nerrvana-plugin
Vulnerability
Improper Restriction of XML External Entity Reference
Description
Jenkins Nerrvana Plugin does not configure its XML parser to prevent XML external entity (XXE) attacks.
Affected Versions
All versions up to 1.02.06
Solution
Unfortunately, there is no solution available yet.
Last Modified
2020-10-19
| source |