CVE-2022-41255
CVE-2022-41255 affects Jenkins with the CONS3RT Plugin 1.0.0 and earlier. The vulnerability is that the Cons3rt API token is stored unencrypted in job config.xml files on the Jenkins controller, where it can be viewed by users who have access to the controller filesystem. The available sources co...