vulnerability
Jenkins Advisory 2021-06-30: CVE-2021-21672: XXE vulnerability in Selenium HTML report Plugin
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | Jun 30, 2021 | Dec 2, 2021 | Aug 11, 2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
Jun 30, 2021
Added
Dec 2, 2021
Modified
Aug 11, 2025
Description
Jenkins Selenium HTML report Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
Solutions
jenkins-lts-upgrade-2_289_2jenkins-upgrade-2_300
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.