CVE-2018-1000423
The CVE-2018-1000423 entry concerns Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier, where credentials used to connect to Crowd 2 are stored in the plugin and can be accessed if an attacker has local filesystem access. The affected components are CrowdSecurityRealm.java and CrowdConfiguratio...