Exposure of Gitea Personal Access Tokens in Jenkins Gitea Plugin 1.4.4 and Earlier
CVE-2022-46685 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
In Jenkins Gitea Plugin 1.4.4 and earlier, the implementation of Gitea personal access tokens did not support credentials masking, potentially exposing them through the build log.
Learn more about our Web Application Penetration Testing UK.