Vulnerabilities > Jenkins > Urltrigger > 0.28
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-25 | CVE-2021-21659 | Unspecified vulnerability in Jenkins Urltrigger Jenkins URLTrigger Plugin 0.48 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 8.1 |
| 2018-06-26 | CVE-2018-1000606 | Server-Side Request Forgery (SSRF) vulnerability in Jenkins Urltrigger A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | 4.0 |