Advisories for Maven/Org.jenkins-Ci.plugins/Rapiddeploy-Jenkins package

The Jenkins RapidDeploy Plugin does not configure it's XML parser to prevent XML external entity (XXE) attacks.

The Jenkins RapidDeploy Plugin does not escape package names in the table of packages obtained from a remote server, resulting in a stored XSS vulnerability.

A missing permission check in Jenkins RapidDeploy Plugin allows attackers with Overall/Read permission to connect to an attacker-specified web server.

A cross-site request forgery vulnerability in Jenkins RapidDeploy Plugin allows attackers to connect to an attacker-specified web server.