CVE-2021-21659

Description

Jenkins URLTrigger Plugin 0.48 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

Base Score

8.1

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

EPSS Score

Exploitation Probability

0.289

Vulnerability	OS Platform
Vulnerabilities CVE-2021-21659 are fixed in Jenkins - urltrigger 0.49	Windows
Vulnerabilities CVE-2021-21659 are fixed in Jenkins - urltrigger for Linux 0.49	Linux

No records found