CVE-2020-2304

Improper Restriction of XML External Entity Reference in maven/org.jenkins-ci.plugins/subversion

Identifier

CVE-2020-2304

Package Slug

maven/org.jenkins-ci.plugins/subversion

Vulnerability

Improper Restriction of XML External Entity Reference

Description

Jenkins Subversion Plugin does not configure its XML parser to prevent XML external entity (XXE) attacks.

Affected Versions

All versions up to 2.13.1

Solution

Upgrade to version 2.13.2 or higher.

Last Modified

2020-11-13

source