| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:perfectomobile | maven | <= 2.62.0.3 | |

The vulnerability stems from credentials being stored unencrypted in `com.perfectomobile.jenkins.ScriptExecutionBuilder.xml`. Jenkins plugins typically handle configuration through `Descriptor` classes and DataBound setters. The advisory specifically identifies this XML file, indicating that the configuration persistence mechanism (likely the `configure()` method) fails to encrypt credentials. The connection configuration class would contain credential-handling methods that lack encryption. While the exact code isn't available, Jenkins plugin patterns and the specific file reference strongly suggest these functions as the vulnerable components.
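
A defender-side check for the condition described above, as an added example that is not code from the advisory or the plugin: it parses a Jenkins XML config and reports credential-like elements whose values are not in the brace-wrapped Base64 form that `hudson.util.Secret` produces. The element names, the tag-name pattern and the sample XML are constructed assumptions, since the advisory does not list the plugin's real fields.

```python
import re
import xml.etree.ElementTree as ET

# Brace-wrapped Base64 is how hudson.util.Secret values appear in Jenkins XML.
# Matching it is a format heuristic, not proof that the value is encrypted.
SECRET_RE = re.compile(r"^\{[A-Za-z0-9+/]+={0,2}\}$")
# Assumption: tag names that suggest a credential; the plugin's real field
# names are not given in the advisory.
CRED_TAG_RE = re.compile(r"pass(word|wd)?|secret|token|api_?key", re.I)

# Constructed sample, not the plugin's real file layout.
SAMPLE_CONFIG = """<?xml version='1.1' encoding='UTF-8'?>
<descriptor>
  <url>cloud.example.invalid</url>
  <username>ci-user</username>
  <password>constructed-plaintext</password>
  <securityToken>{AQAAABAAAAAQY29uc3RydWN0ZWQ=}</securityToken>
</descriptor>"""


def find_plaintext_credentials(xml_text):
    """Return paths of credential-like leaf elements not in Secret format."""
    # Jenkins writes an XML 1.1 declaration, which Python's expat-based
    # parser can reject, so drop the declaration before parsing.
    body = re.sub(r"^\s*<\?xml.*?\?>", "", xml_text, count=1)
    findings = []

    def walk(elem, parent_path):
        path = f"{parent_path}/{elem.tag}"
        value = (elem.text or "").strip()
        is_leaf = len(elem) == 0
        if is_leaf and value and CRED_TAG_RE.search(elem.tag):
            if not SECRET_RE.match(value):
                findings.append(path)
        for child in elem:
            walk(child, path)

    walk(ET.fromstring(body), "")
    return findings


def audit_file(path):
    """Audit one config file, e.g. the XML file named in the advisory."""
    with open(path, encoding="utf-8") as handle:
        return find_plaintext_credentials(handle.read())


if __name__ == "__main__":
    for hit in find_plaintext_credentials(SAMPLE_CONFIG):
        print("plaintext credential element:", hit)
```
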