CVE-2020-2120

Summary

Jenkins FitNesse Plugin 1.30 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins FitNesse Pluginunspecified <= 1.30affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References