Jenkins S3 Explorer Plugin 1.0.8 and earlier does not mask the AWS_SECRET_ACCESS_KEY form field, increasing the potential for attackers to observe and capture it.
Affected Software
Name |
Vendor |
Start Version |
End Version |
S3_explorer |
Jenkins |
* |
1.0.8 (including) |
References