CVE-2019-10414
The CVE affects Jenkins Git Changelog Plugin versions 2.17 and earlier. Credentials were stored unencrypted in job config.xml on the Jenkins master, exposing them to users with Extended Read permission or with access to the master file system. Practical impact is disclosure of sensitive credentia...