Description

Jenkins SoapUI Pro Functional Testing Plugin 1.5 and earlier transmits project passwords in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure.

Remediation

References

CVE-2020-2251

Related Vulnerabilities

Oracle Database Server CVE-2010-0854 Vulnerability (CVE-2010-0854)

WordPress Plugin Contest Gallery-Photo Contest for WordPress Cross-Site Request Forgery (10.4.1.1)

Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2018-8004)

WordPress Plugin All-In-One Security (AIOS)-Security and Firewall SQL Injection (3.8.7)

Oracle Database Server CVE-2024-21233 Vulnerability (CVE-2024-21233)

Severity

Medium

Classification

CVE-2020-2251 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities