Vulnerabilities > Jenkins > Urltrigger

DATE CVE VULNERABILITY TITLE RISK
2021-05-25 CVE-2021-21659 Unspecified vulnerability in Jenkins Urltrigger
Jenkins URLTrigger Plugin 0.48 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
network
low complexity
jenkins
8.1
2018-06-26 CVE-2018-1000606 Server-Side Request Forgery (SSRF) vulnerability in Jenkins Urltrigger
A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.
network
low complexity
jenkins CWE-918
4.0