Datadog · Datadog Plugin · CVE-2017-1000114
**Name of the Vulnerable Software and Affected Versions**
Datadog Plugin (affected versions not specified)
**Description**
The issue concerns the transmission of an API key in plain text as part of the configuration form, potentially exposing it through browser extensions or cross-site scripting vulnerabilities. The API key is used to access the Datadog service and is stored encrypted on disk.
**Recommendations**
For the Datadog Plugin, update to a version that encrypts the API key transmitted to administrators viewing the global configuration form to prevent potential exposure.