Описание
Jenkins Weibo Plugin stores credentials unencrypted in its global configuration file
Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
Пакеты
Наименование
org.jenkins-ci.plugins:weibo
maven
Затронутые версииВерсия исправления
<= 1.0.1
Отсутствует
Связанные уязвимости
CVSS3: 5.5
nvd
около 6 лет назад
Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.