Description
Jenkins Ansible Plugin 204.v8191fd551eb_f and earlier does not mask extra variables displayed on the configuration form, increasing the potential for attackers to observe and capture them.
Remediation
References
https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3017
Related Vulnerabilities
CVE-2020-6458 Vulnerability in npm package electron
CVE-2022-45935 Vulnerability in maven package org.apache.james:james-server-data-file
CVE-2015-2912 Vulnerability in maven package com.orientechnologies:orientdb-server
CVE-2019-0233 Vulnerability in maven package org.apache.struts:struts2-core
CVE-2023-30429 Vulnerability in maven package org.apache.pulsar:pulsar-broker