Vulnerabilities > Jenkins > Owasp Dependency Check > 4.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-06 | CVE-2024-28153 | Cross-site Scripting vulnerability in Jenkins Owasp Dependency-Check Jenkins OWASP Dependency-Check Plugin 5.4.5 and earlier does not escape vulnerability metadata from Dependency-Check reports, resulting in a stored cross-site scripting (XSS) vulnerability. | 5.4 |
| 2021-11-12 | CVE-2021-43577 | XXE vulnerability in Jenkins Owasp Dependency-Check Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 7.1 |