Unmasked Authentication Tokens in Jenkins PaaSLane Estimate Plugin
CVE-2023-50777 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier does not mask PaaSLane authentication tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
Learn more about our Web Application Penetration Testing UK.