|
||||||||
|
This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira |
||||||||
- [JIRA] (JENKINS-4428) Security leak ... [email protected] (JIRA)
This issue is still occurring. I am running version 1.471 of the Jenkins service. I have installed the password masking plugin. This effectively removes the passwords from any log files, but if a job that takes a password as a parameter is waiting in the queue and you hover over the hyperlink, the password is shown. This is NOT good. The shows my active directory password to anyone else that hovers over this link and may give someone access to a network resource that they would not otherwise have access to. PLEASE FIX!