Loading...

This issue is archived. You can view it, but you can't modify it. Learn more

Log In
Closed

XML

Word

Printable

Type: Bug
Resolution: Not A Defect
Priority: Blocker
Component/s: credentials-plugin
Labels:
- issue-exported-to-github

I'm currently using the credentials plugin to encrypt may username and password . However, in my pipeline script I found a way to hack the password by inserting a character in the password this causes the password to be printed clearly and since I'm the person who added the character if I removed it then I have the password.

This causes a huge security issue for us.

duplicates

JENKINS-50242 withCredentials step masking easily bypassed

Resolved

relates to

JENKINS-42950 credentials-binding-plugin not masking secret text when it includes a single quote

Resolved

Assignee:: Unassigned
Reporter:: sara elmenshawy

Created:: 2020-02-04 12:50
Updated:: 2025-12-08 23:21
Resolved:: 2020-05-18 07:52
Archived:: 2025-12-08 23:21

Details

Description

Attachments

Issue Links

Activity

People

Dates