CVE-2022-41248
CVE-2022-41248 affects Jenkins BigPanda Notifier Plugin (versions ≤ 1.4.0). The root cause is that the plugin does not mask the BigPanda API key in the global configuration form and stores the API key in plaintext in the Jenkins controller file system (e.g., BigpandaGlobalNotifier.xml). This expo...