Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Jenkins Subscribe
Filtered by product Urltrigger
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21659 1 Jenkins 1 Urltrigger 2021-05-28 5.5 MEDIUM 8.1 HIGH
Jenkins URLTrigger Plugin 0.48 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2018-1000606 1 Jenkins 1 Urltrigger 2018-08-23 4.0 MEDIUM 6.5 MEDIUM
A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.