Loading HuntDB...

GHSA-3ppr-72x5-x67q

GitHub Security Advisory

XML external entity vulnerability on agents in Jenkins MSTest Plugin

✓ GitHub Reviewed CRITICAL Has CVE

Advisory Details

Jenkins MSTest Plugin 1.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

Affected Packages

Maven org.jvnet.hudson.plugins:mstest
Affected versions: 0 (fixed in 1.0.1)

Related CVEs

Key Information

GHSA ID
GHSA-3ppr-72x5-x67q
Published
January 26, 2023 9:30 PM
Last Modified
January 4, 2024 12:11 PM
CVSS Score
9.0 /10
Primary Ecosystem
Maven
Primary Package
org.jvnet.hudson.plugins:mstest
GitHub Reviewed
✓ Yes

Dataset

Last updated: August 25, 2025 6:33 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.