Jenkins Pipeline is a set of plug-ins that support the implementation and integration of continuous delivery pipelines into Jenkins.The Jenkins Pipeline Phoenix AutoTest Plugin 1.3 and earlier versions are vulnerable to XML external entity injection, which can be exploited by remote attackers to send specially crafted XML files to extract secrets from Jenkins controller or server-side request forgery to extract secrets.
CPE | Name | Operator | Version |
---|---|---|---|
jenkins pipeline phoenix autotest plugin | lt | 1.3 |