Details
-
Bug
-
Resolution: Fixed
-
Low
Description
I erased the actual password but it's in plaintext anyone who can push to a repo that has git in its pipelines can read any secured fields like this.
EDIT: The password in question had a space in it, and the space was converted to %20. But that's really close to the original password.
Also it didn't work, probably because of the %20.