2 matches found
CVE-2023-30528
Jenkins WSO2 Oauth Plugin 1.0 and earlier does not mask the WSO2 Oauth client secret on the global configuration form, increasing the potential for attackers to observe and capture it...
CVE-2023-30528
CVE-2023-30528 affects Jenkins WSO2 Oauth Plugin 1.0 and earlier. Root cause: the WSO2 Oauth client secret is stored unencrypted in the global config.xml and the global configuration form does not mask the secret, enabling observers with Jenkins controller file-system access to view the secret. I...