Improper Restriction of XML External Entity Reference
Jenkins Xcode integration Plugin 2.0.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
Advisories for Maven/Org.jenkins-Ci.plugins/Xcode-Plugin package
2022