PT-2019-14722 · Jenkins · Jenkins Team Concert Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Team Concert Plugin versions 1.3.0 and earlier Description: A missing permission check in form-related methods allows users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins. Recommendations: For...