Mend Vulnerability Database
What is a CVE vulnerability ID? What is a WS vulnerability ID? What is an MSC vulnerability ID?New vulnerability? Tell us about it!
We found results for “”
Date: September 21, 2022
Jenkins RQM Plugin 2.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
Weakness Type (CWE)
Improper Restriction of XML External Entity Reference ('XXE')CWE-611
|Attack Vector (AV):||NETWORK|
|Attack Complexity (AC):||LOW|
|Privileges Required (PR):||NONE|
|User Interaction (UI):||NONE|