6.9 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.2%
Jenkins Jira Plugin 3.11 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to.
www.openwall.com/lists/oss-security/2023/11/29/1
www.jenkins.io/security/advisory/2023-11-29/