Improper Restriction of XML External Entity Reference
Jenkins URLTrigger Plugin does not configure its XML parser to prevent XML external entity (XXE) attacks.
Advisories for Maven/Org.jenkins-Ci.plugins/Urltrigger package
2021
2018
Server-Side Request Forgery (SSRF)
A server-side request forgery vulnerability exists in the Jenkins URLTrigger Plugin in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.