CVE-2021-21680

Summary

Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity (XXE) attacks.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Nested View Pluginunspecified <= 1.20affected
Jenkins projectJenkins Nested View Plugin1.19.1unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References