Jenkins Parameterized Trigger vulnerabilities

CVE-2022-27195 [MEDIUM] CVE-2022-27195: Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to build Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their `build.xml` files. These values are stored unencrypted and can be viewed by users with access to the Jenkins controller file system.

CVE-2017-1000084 [MEDIUM] CWE-276 CVE-2017-1000084: Parameterized Trigger Plugin fails to check Item/Build permission: The Parameterized Trigger Plugin Parameterized Trigger Plugin fails to check Item/Build permission: The Parameterized Trigger Plugin did not check the build authentication it was running as and allowed triggering any other project in Jenkins.