Description
Jenkins Backlog Plugin 2.4 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2022-4693 | Jenkins Backlog Plugin 2.4 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. |
Github GHSA |
GHSA-p68c-xg89-2g5r | Credentials transmitted in plain text by Backlog Plugin |
References
History
No history.
Status: PUBLISHED
Assigner: jenkins
Published:
Updated: 2024-08-04T07:01:40.686Z
Reserved: 2019-12-05T00:00:00.000Z
Link: CVE-2020-2153
No data.
Status : Modified
Published: 2020-03-09T16:15:14.670
Modified: 2026-06-17T03:11:51.747
Link: CVE-2020-2153
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-319
Cleartext Transmission of Sensitive Information
EUVD
Github GHSA