CVE-2019-10422
The CVE-2019-10422 entry concerns the Jenkins Call Remote Job Plugin, which stores credentials unencrypted in job config.xml files on the Jenkins master/controller. This plaintext storage enables disclosure to users with Extended Read permission or with access to the Jenkins master filesystem. Th...