
We found results for “”
CVE-2025-30197
Good to know:

Date: March 19, 2025
Jenkins Zoho QEngine Plugin 1.0.29.vfa_cc23396502 and earlier does not mask the QEngine API Key form field, increasing the potential for attackers to observe and capture it.
Severity Score
Related Resources (5)
Severity Score
Weakness Type (CWE)
Top Fix

Upgrade Version
Upgrade to version io.jenkins.plugins:zohoqengine:1.0.31.v4a_b_1db_6d6a_f2;io.jenkins.plugins:zohoqengine:1.0.31.v4a_b_1db_6d6a_f2
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | HIGH |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | NONE |
Availability (A): | NONE |