GHSA-4CXR-4VWC-6PG7 Jenkins Bitbucket Approve Plugin stores credentials in plain text

Bitbucket Approve Plugin stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.bitbucketapprove.BitbucketApprover.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

PT-2019-11347 · Jenkins · Jenkins Bitbucket Approve Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Bitbucket Approve Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specifically, the...