Password Reflection in Gradle Enterprise Build Cache Nodes

Password Reflection in Gradle Enterprise Build Cache Nodes

CVE-2019-11403 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password back when viewing the HTML page source of the settings page.

Learn more about our Web Application Penetration Testing UK.