XML File Parsing Vulnerability in Jenkins MATLAB Plugin 2.11.0 and Earlier

CVE-2023-49654 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkins parse an XML file from the Jenkins controller file system.

Learn more about our Web Application Penetration Testing UK.