CVE-2019-10387
CVE-2019-10387 affects Jenkins XL TestView Plugin versions 1.2.0 and earlier. The root cause is a missing permission check in XLTestView.XLTestDescriptor#doTestConnection, enabling users with Overall/Read access to connect to an attacker-controlled URL using attacker-supplied credentials IDs and ...