Mstest
1 CVEs
product
Monthly
Jenkins MSTest Plugin 1.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Jenkins
XXE
Mstest
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-24441
Maven
EPSS 1%
CVSS 9.8
CRITICAL
PATCH
Act Now
Jenkins MSTest Plugin 1.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Jenkins
XXE
Mstest
NVD