Описание
Tokens stored in plain text by PaaSLane Estimate Plugin
Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier does not mask PaaSLane authentication tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
Пакеты
Наименование
com.cloudtp.jenkins:paaslane-estimate
maven
Затронутые версииВерсия исправления
<= 1.0.4
Отсутствует
Связанные уязвимости
CVSS3: 4.3
nvd
около 2 лет назад
Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier does not mask PaaSLane authentication tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.