CVE-2020-2315

MEDIUM

Jenkins Visualworks Store Plugin <1.1.3 - XXE

Title source: llm

Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

Core 1

Core References

Vendor Advisory x_refsource_confirm

CVSS v3 6.5

EPSS 0.0027

EPSS Percentile 50.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Status published

Products (2)

jenkins/visualworks_store < 1.1.3

org.jenkins-ci.plugins/visualworks-store 0 - 1.1.4Maven

Published Nov 04, 2020

Tracked Since Feb 18, 2026