PT-2017-10818 · Datadog+1 · Datadog Plugin+1
Alvin Huang · Published 2017-10-04 · Updated 2022-05-17 · CVE-2017-1000114
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Datadog Plugin (affected versions not specified)
Description
The Datadog Plugin transmits an API key in plain text as part of the configuration form, potentially exposing it through browser extensions or cross-site scripting vulnerabilities. The API key is used to access the Datadog service and is stored encrypted on disk.
Recommendations
For the Datadog Plugin, update to a version that encrypts the API key transmitted to administrators viewing the global configuration form to prevent potential exposure.
Fix
Information Disclosure
Weakness Enumeration
Related Identifiers
Affected Products
Datadog Plugin
Jenkins