Описание
Improper Synchronization in Jenkins Convertigo Mobile Platform Plugin
Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs that will be configured.
Пакеты
Наименование
com.convertigo.jenkins.plugins:convertigo-mobile-platform
maven
Затронутые версииВерсия исправления
<= 1.1
Отсутствует
Связанные уязвимости
CVSS3: 6.5
nvd
почти 4 года назад
Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs that will be configured.