1. Application Insights Connection String Baked into Docker Image Layer Metadata via CI/CD Pipeline
A security misconfiguration in the frontend Docker build pipeline exposes the Application Insights connection string within persistent image layer metadata, creating a secrets-leakage vector accessible to anyone with container registry access. The vulnerability stems from how `VITE_APPINSIGHTS_CONNECTION_STRING` is pas...