Jenkins Performance Publisher Plugin 8.09 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
2023-04-02T21:15:09.367
2025-02-25T19:15:14.060
Modified
CVSSv3.1: 8.2 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | jenkins | performance_publisher | ≤ 8.09 | Yes |