CVE-2023-33000

Jenkins NS-ND Integration Performance Publisher Plugin displays credentials without masking in maven/io.jenkins.plugins/cavisson-ns-nd-integration

Identifiers

GHSA-gqxr-hvrw-6hfh, CVE-2023-33000

Package Slug

maven/io.jenkins.plugins/cavisson-ns-nd-integration

Vulnerability

Jenkins NS-ND Integration Performance Publisher Plugin displays credentials without masking

Description

Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.149 and earlier does not mask credentials displayed on the configuration form, increasing the potential for attackers to observe and capture them.

Affected Versions

All versions before 4.11.0.48

Solution

Upgrade to version 4.11.0.48 or above.

Last Modified

2023-05-17

source