3 matches found
CVE-2019-10333
Missing permission checks in Jenkins ElectricFlow Plugin 1.1.5 and earlier in various HTTP endpoints allowed users with Overall/Read access to obtain information about the Jenkins ElectricFlow Plugin configuration and configuration of connected ElectricFlow instances...
CVE-2019-10333
The provided connected documents confirm a vulnerability in Jenkins ElectricFlow Plugin (versions 1.1.5 and earlier) where missing permission checks on HTTP endpoints allowed users with Overall/Read access to retrieve sensitive information about the plugin configuration and connected ElectricFlow...
CVE-2019-10333
Missing permission checks in Jenkins ElectricFlow Plugin 1.1.5 and earlier in various HTTP endpoints allowed users with Overall/Read access to obtain information about the Jenkins ElectricFlow Plugin configuration and configuration of connected ElectricFlow instances...