Low severityNVD Advisory· Published Apr 12, 2023· Updated Feb 7, 2025
CVE-2023-30528
CVE-2023-30528
Description
Jenkins WSO2 Oauth Plugin 1.0 and earlier does not mask the WSO2 Oauth client secret on the global configuration form, increasing the potential for attackers to observe and capture it.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.plugins:wso2id-oauthMaven | <= 1.0 | — |
Affected products
2- Range: 0
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-q9hm-hr89-hgm7ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-30528ghsaADVISORY
- www.jenkins.io/security/advisory/2023-04-12/ghsavendor-advisoryWEB
- www.openwall.com/lists/oss-security/2023/04/13/3ghsaWEB
News mentions
1- Jenkins Security Advisory 2023-04-12Jenkins Security Advisories · Apr 12, 2023