2 matches found
CVE-2019-10443
Jenkins iceScrum Plugin 1.1.4 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10443
CVE-2019-10443 affects Jenkins iceScrum Plugin up to version 1.1.4, where credentials are stored unencrypted in job config.xml on the Jenkins master. This enables access by users with Extended Read permission or access to the master filesystem, per multiple advisories (ZDI-19-933, Jenkins securit...