Improper Restriction of XML External Entity Reference
Jenkins Selenium HTML report Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
Advisories for Maven/Org.jenkins-Ci.plugins/Seleniumhtmlreport package
2021