vulnerability
Jenkins Advisory 2021-06-30: CVE-2021-21672: XXE vulnerability in Selenium HTML report Plugin
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | Jun 30, 2021 | Dec 2, 2021 | Mar 27, 2026 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
Jun 30, 2021
Added
Dec 2, 2021
Modified
Mar 27, 2026
Description
Jenkins Selenium HTML report Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
Solutions
jenkins-lts-upgrade-2_289_2jenkins-upgrade-2_300
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.