Vulnerabilities > Jenkins > Instant Messaging

DATE CVE VULNERABILITY TITLE RISK
2022-03-29 CVE-2022-28135 Insufficiently Protected Credentials vulnerability in Jenkins Instant-Messaging
Jenkins instant-messaging Plugin 1.41 and earlier stores passwords for group chats unencrypted in the global configuration file of plugins based on Jenkins instant-messaging Plugin on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.
network
low complexity
jenkins CWE-522
6.5