Jenkins Dingding JSON Pusher Plugin 2.0 and earlier does not mask access tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: jenkins

Published: 2023-12-13T17:30:19.459Z

Updated: 2024-08-02T22:23:42.974Z

Reserved: 2023-12-13T13:06:36.477Z

Link: CVE-2023-50773

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-12-13T18:15:44.183

Modified: 2024-11-21T08:37:17.213

Link: CVE-2023-50773

cve-icon Redhat

No data.