CVE-2020-2092

Summary

Jenkins Robot Framework Plugin 2.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks, allowing users with Job/Configure to have Jenkins parse crafted XML documents.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Robot Framework Pluginunspecified <= 2.0.0affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References