Jenkins Pipeline: Build Step Plugin 2.15 and previous versions reveals password parameter default values when generating a pipeline script using the Pipeline Snippet Generator, allowing attackers with Item/Read permission to retrieve the default password parameter value from jobs.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins pipeline\\ _build_step |