CVE-2022-34805

Jenkins Skype notifier Plugin 1.1.0 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...

Plaintext Storage of a Password in Jenkins Skype notifier Plugin

Skype notifier Plugin 1.1.0 and earlier stores a password unencrypted in its global configuration file hudson.plugins.skype.im.transport.SkypePublisher.xml on the Jenkins controller as part of its configuration. This password can be viewed by users with access to the Jenkins controller file syste...

GHSA-GVMR-MP5Q-9WVW Plaintext Storage of a Password in Jenkins Skype notifier Plugin

Skype notifier Plugin 1.1.0 and earlier stores a password unencrypted in its global configuration file hudson.plugins.skype.im.transport.SkypePublisher.xml on the Jenkins controller as part of its configuration. This password can be viewed by users with access to the Jenkins controller file syste...

CVE-2022-34805

CVE-2022-34805 affects Jenkins Skype notifier Plugin versions 1.1.0 and earlier. The vulnerability is due to a password stored in plaintext in the plugin’s global configuration on the Jenkins controller, which can be viewed by anyone with filesystem access to the controller. Some sources specify ...