Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-35503

Slack plugin reveals integration token

    XMLWordPrintable

Details

    Description

      The Slack plugin reveals the integration token in the global configuration. In environments when many people have access to view the global configuration, this presents a security vulnerability since the token appears to give access to quite a bit of the Slack instance (though it's not entirely clear where that's configured).

      Attachments

        Issue Links

          Activity

            People

              kmadel Kurt Madel
              dom Dominic Hargreaves
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: