3 matches found
CVE-2025-53662
Jenkins IFTTT Build Notifier Plugin 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...
Insufficiently Protected Credentials
Overview org.jenkins-ci.plugins:ifttt-build-notifier is a Simple Jenkins Build Status Notifier for IFTTT Maker Channel Trigger. Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the storage of sensitive keys in config.xml files. An attacker can gain...
PT-2025-28914 · Jenkins · Jenkins Ifttt Build Notifier Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins IFTTT Build Notifier Plugin versions 1.2 and earlier Description: The Jenkins IFTTT Build Notifier Plugin stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller. These keys can be viewed by users...