Codedx is vulnerable to Information Disclosure. The vulnerability exists because the server API keys are stored in job config.xml
without encrypting which allows an attacker to gain read access on the controller file system.
CPE | Name | Operator | Version |
---|---|---|---|
code dx plugin | le | 3.1.0 | |
code dx plugin | le | 3.1.0 |