Jenkins MATLAB Plugin 2.11.0 and Earlier Cross-Site Request Forgery (CSRF) Vulnerability Allows XML File Parsing

Jenkins MATLAB Plugin 2.11.0 and Earlier Cross-Site Request Forgery (CSRF) Vulnerability Allows XML File Parsing

CVE-2023-49655 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers to have Jenkins parse an XML file from the Jenkins controller file system.

Learn more about our Web Application Penetration Testing UK.