Unmasked Access Tokens in Jenkins Report Portal Plugin Configuration Form
CVE-2023-30524 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Jenkins Report Portal Plugin 0.5 and earlier does not mask ReportPortal access tokens displayed on the configuration form, increasing the potential for attackers to observe and capture them.
Learn more about our Web Application Penetration Testing UK.