Vulnerabilities > Improper Restriction of XML External Entity Reference ('XXE')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-02 | CVE-2023-28681 | XXE vulnerability in Jenkins Visual Studio Code Metrics Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 8.2 |
| 2023-04-02 | CVE-2023-28682 | XXE vulnerability in Jenkins Performance Publisher Jenkins Performance Publisher Plugin 8.09 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 8.2 |
| 2023-04-02 | CVE-2023-28683 | XXE vulnerability in Jenkins Phabricator Differential Jenkins Phabricator Differential Plugin 2.1.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 8.2 |
| 2023-04-02 | CVE-2023-28684 | XXE vulnerability in Jenkins Remote-Jobs-View 0.0.2/0.0.3 Jenkins remote-jobs-view-plugin Plugin 0.0.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 6.5 |
| 2023-03-30 | CVE-2022-43473 | XXE vulnerability in Zohocorp Manageengine Opmanager A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. | 5.4 |
| 2023-03-29 | CVE-2022-36969 | XXE vulnerability in Aveva Edge This vulnerability allows remote attackers to disclose sensitive information on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). | 7.1 |
| 2023-03-24 | CVE-2023-28150 | XXE vulnerability in Independentsoft Jodf An issue was discovered in Independentsoft JODF before 1.1.110. | 9.8 |
| 2023-03-24 | CVE-2023-28151 | XXE vulnerability in Independentsoft Jspreadsheet An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. | 9.8 |
| 2023-03-24 | CVE-2023-28152 | XXE vulnerability in Independentsoft Jword An issue was discovered in Independentsoft JWord before 1.1.110. | 9.8 |
| 2023-03-22 | CVE-2023-28685 | XXE vulnerability in Jenkins Absint A3 Jenkins AbsInt a³ Plugin 1.1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 7.1 |