Cccc
1 CVEs
product
Monthly
Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Jenkins
XXE
Cccc
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-45395
Maven
EPSS 1%
CVSS 9.8
CRITICAL
Act Now
Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Jenkins
XXE
Cccc
NVD