Cleartext storage of sensitive information in Job Configuration History - CVE-2026-57287
Published: June 29, 2026
Job Configuration History
Detailed vulnerability description
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the affected plugin does not redact the encrypted values of secrets when displaying historical job and agent configurations through its "View as XML" / "(RAW)" feature and its configuration diff views. A remote user can view encrypted secret values on the system.