Sitemonitor Security Vulnerabilities and Issues — Sitemonitor CVE List

Lucene search

JenkinsSitemonitor

2 matches found

CVE•added 2022/03/29 1:15 p.m.•107 views

CVE-2022-28153

Jenkins SiteMonitor Plugin 0.6 and earlier does not escape URLs of sites to monitor in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

5.4CVSS5.2AI score0.2585EPSS

CVE•added 2019/04/30 1:29 p.m.•32 views

CVE-2019-10317

Jenkins SiteMonitor Plugin 0.5 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM.

5.9CVSS5.7AI score0.00063EPSS