CVE-2023-2633

Jenkins Code Dx Plugin 3.1.0 and earlier does not mask Code Dx server API keys displayed on the configuration form, increasing the potential for attackers to observe and capture them...

SUSE CVE-2017-1000387

Jenkins Build-Publisher plugin version 1.21 and earlier stores credentials to other Jenkins instances in the file hudson.plugins.buildpublisher.BuildPublisher.xml in the Jenkins master home directory. These credentials were stored unencrypted, allowing anyone with local file system access to acce...

PT-2020-15360 · Jenkins · Jenkins Repository Connector Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Repository Connector Plugin versions 1.2.6 and earlier Description: The issue concerns the transmission of configured credentials in plain text as part of the global Jenkins configuration form. Although credentials are stored encrypte...

UBUNTU-CVE-2013-1832

repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance...