| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:nunit | maven | < 0.26 | 0.26 |
The vulnerability stemmed from insecure XML parser configuration. The commit patching CVE-2020-2115 adds XXE protection by:
The original vulnerable code in initialize() called DocumentBuilderFactory.newInstance() and TransformerFactory.newInstance() without these security settings, leaving XML parsing susceptible to XXE attacks via user-controlled input files processed during the post-build step.
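For comparison, here is a default JAXP factory next to a hardened one. This is an added example, not the plugin's code and not the contents of the patching commit. The class name, helper names and sample document are constructed for illustration, and it assumes the JDK's built-in JAXP implementation.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.TransformerFactory;
import org.xml.sax.SAXParseException;

public class XxeHardeningDemo {
    // Constructed sample: a report that carries a DOCTYPE with an entity declaration.
    static final String SAMPLE =
        "<?xml version=\"1.0\"?>\n"
      + "<!DOCTYPE results [<!ENTITY note \"constructed\">]>\n"
      + "<results>&note;</results>";

    // Hypothetical helper: a DocumentBuilderFactory that refuses DTDs outright.
    static DocumentBuilderFactory hardenedDocumentBuilderFactory() throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // With no DOCTYPE allowed, no entity (internal or external) can be declared.
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        dbf.setXIncludeAware(false);
        dbf.setExpandEntityReferences(false);
        return dbf;
    }

    // Hypothetical helper: a TransformerFactory that may not fetch external DTDs or stylesheets.
    static TransformerFactory hardenedTransformerFactory() throws Exception {
        TransformerFactory tf = TransformerFactory.newInstance();
        tf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
        tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
        return tf;
    }

    // True when the factory's parser refuses the sample because of its DOCTYPE.
    static boolean rejectsDoctype(DocumentBuilderFactory dbf) throws Exception {
        byte[] xml = SAMPLE.getBytes(StandardCharsets.UTF_8);
        try {
            dbf.newDocumentBuilder().parse(new ByteArrayInputStream(xml));
            return false;
        } catch (SAXParseException e) {
            return true;
        }
    }

    public static void main(String[] args) throws Exception {
        hardenedTransformerFactory(); // throws if the implementation lacks these attributes
        System.out.println("default:  " + rejectsDoctype(DocumentBuilderFactory.newInstance()));
        System.out.println("hardened: " + rejectsDoctype(hardenedDocumentBuilderFactory()));
    }
}
```

A check like `rejectsDoctype` fits well in a unit test, so a later refactor that swaps the factory back to the default fails the build.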