CVE-2022-36903
CVE-2022-36903 concerns Jenkins Repository Connector Plugin, version 2.2.0 and earlier, with a missing permission check in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs stored in Jenkins, constituting an information-disclosure risk. Public...