CVE-2023-49656

Published: Nov 29, 2023
Updated: May 10, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-49656" target="_blank" rel="noopener"> CVE-2023-49656
GHSA: <a href="https://github.com/advisories/GHSA-82q9-88m2-4v68" target="_blank" rel="noopener"> GHSA-82q9-88m2-4v68
Severity: Critical
Exploit:

Jenkins MATLAB Plugin 2.11.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

CVSS v3:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
org.jenkins-ci.plugins / matlab	-	2.11.1
jenkins / matlab	-	2.11.1