Unmasked Extra Variables in Jenkins Ansible Plugin Configuration Form

Unmasked Extra Variables in Jenkins Ansible Plugin Configuration Form

CVE-2023-32983 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Jenkins Ansible Plugin 204.v8191fd551eb_f and earlier does not mask extra variables displayed on the configuration form, increasing the potential for attackers to observe and capture them.

Learn more about our Web Application Penetration Testing UK.