| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| com.geteasyqa:easyqa | maven | <= 1.0 | |

The vulnerability stems from unencrypted password storage in EasyQAPluginProperties.xml. In Jenkins plugins, configuration is typically handled by classes extending Plugin or implementing Describable. The presence of password fields in EasyQAPluginProperties.java without encryption in configure() (which handles config persistence) and getPassword() (which exposes credentials) directly enables plaintext storage. This matches Jenkins plugin architecture patterns and the CWE-256 description of plaintext credential storage vulnerabilities.