-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jvnet.hudson.plugins:jabber | maven | <= 1.41 | 1.42 |
JavaJavaMiggo AIRoot Cause AnalysisThe analysis focused on the changes made to handle passwords in the JabberPublisherDescriptor class. The functions getPassword() and applyPassword() were identified as vulnerable because they directly handle password storage and retrieval. The patch changes these functions to use Secret for password handling, indicating that the previous handling was insecure.
Ongoing coverage of React2Shell