The vulnerability of the Jenkins automation server’s Testsigma Test Plan plugin, related to the storage of keys in an open manner, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Jenkins automation server’s Testsigma Test Plan plugin lies in the storage of keys in an open manner within the config.xml file. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information...

CVE-2025-53661

Jenkins Testsigma Test Plan run Plugin 1.6 and earlier does not mask Testsigma API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...