CVE-2023-4777
CVE-2023-4777 affects Qualys Container Scanning Connector Plugin for Jenkins (versions ≤ 1.6.2.6). The root cause is an incorrect permission check that lets an attacker with global Item/Configure permission, but not per-job Item/Configure, enumerate credential IDs stored in Jenkins and connect to...