CVE Vulnerabilities

CVE-2025-30197

Missing Password Field Masking

Published: Mar 19, 2025 | Modified: Mar 21, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Jenkins Zoho QEngine Plugin 1.0.29.vfa_cc23396502 and earlier does not mask the QEngine API Key form field, increasing the potential for attackers to observe and capture it.

Weakness 

The product does not mask passwords during entry, increasing the potential for attackers to observe and capture passwords.

Potential Mitigations 

References