The vulnerability of the Warrior Framework plugin for Jenkins’ automation servers, related to the storage of passwords in an open manner, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Jenkins automation server’s Warrior Framework plugin lies in the storage of passwords in an exposed manner within the config.xml file. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information...

GHSA-2G8W-9933-36VR Jenkins Warrior Framework Plugin vulnerability exposes unencrypted passwords to certain authenticated users

Jenkins Warrior Framework Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

Jenkins Warrior Framework Plugin vulnerability exposes unencrypted passwords to certain authenticated users

Jenkins Warrior Framework Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

CVE-2025-53675

Jenkins Warrior Framework Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

CVE-2025-53675

Jenkins Warrior Framework Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

CVE-2025-53675

Jenkins Warrior Framework Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

CVE-2025-53675

The CVE-2025-53675 entry describes a vulnerability in the Jenkins Warrior Framework Plugin (versions 1.2 and earlier) where passwords are stored unencrypted in job config.xml on the Jenkins controller. This allows users with Item/Extended Read permission or access to the Jenkins controller filesy...

Jenkins plugin Warrior Framework 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...

PT-2025-28927 · Jenkins · Jenkins Warrior Framework Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Warrior Framework Plugin versions 1.2 and earlier Description: The Jenkins Warrior Framework Plugin stores passwords unencrypted in job config.xml files on the Jenkins controller. This allows users with Item/Extended Read permission o...