CVE-2019-10474
The CVE-2019-10474 entry concerns Jenkins Global Post Script Plugin. A missing permission check allows users with Overall/Read access to list the scripts stored on the Jenkins master file system, exposing file paths (e.g., $JENKINS_HOME/global-post-script) and related configuration data. Multiple...