The Jenkins Plugin is a plug-in that provides appropriate functionality for Jenkins, and the Jenkins Chef Sinatra Plugin is vulnerable to an access control error. An attacker could exploit this vulnerability to allow Jenkins to send HTTP requests to an attacker-controlled URL and have it parse the XML responses.
CPE | Name | Operator | Version |
---|---|---|---|
jenkins chef sinatra plugin | le | 1.20 |