XML File Parsing Vulnerability in Jenkins MATLAB Plugin 2.11.0 and Earlier
CVE-2023-49654 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkins parse an XML file from the Jenkins controller file system.
Learn more about our Web Application Penetration Testing UK.