PT-2026-51797 · Jenkins · Jenkins Job Configuration History Plugin

Published

2026-06-24

Updated

2026-06-24

CVE-2026-57287

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Jenkins Job Configuration History Plugin 1356.ve360da 6c523a and earlier does not redact the encrypted values of secrets when displaying historical job and agent configurations, allowing attackers with Extended Read permission to view encrypted secret values that would otherwise be redacted.

Fix

Cleartext Storage of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-312

Related Identifiers

CVE-2026-57287

Affected Products

Jenkins Job Configuration History Plugin

PT-2026-51797 · Jenkins · Jenkins Job Configuration History Plugin

CVE-2026-57287

Weakness Enumeration

Related Identifiers

Affected Products

References · 2