CVE-2025-47888 Information

Description

Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks.

Reference

https://www.jenkins.io/security/advisory/2025-05-14/#SECURITY-3353