Maven package
org.jvnet.hudson.plugins/sitemonitor
pkg:maven/org.jvnet.hudson.plugins/sitemonitor
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-28153 | — | <= 0.6 | — | Mar 29, 2022 | Jenkins SiteMonitor Plugin 0.6 and earlier does not escape URLs of sites to monitor in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||
| CVE-2019-10317 | — | < 0.6 | 0.6 | Apr 30, 2019 | Jenkins SiteMonitor Plugin 0.5 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM. |
- CVE-2022-28153Mar 29, 2022affected <= 0.6
Jenkins SiteMonitor Plugin 0.6 and earlier does not escape URLs of sites to monitor in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
- CVE-2019-10317Apr 30, 2019affected < 0.6fixed 0.6
Jenkins SiteMonitor Plugin 0.5 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM.