2 matches found
CVE-2020-2153
Jenkins Backlog Plugin 2.4 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure...
CVE-2020-2153
CVE-2020-2153 affects Jenkins Backlog Plugin versions 2.4 and earlier. The root cause is that credentials are transmitted in plain text as part of job configuration forms, while stored credentials remain encrypted on disk. This can expose credentials to users with Extended Read permission when co...