2 matches found
CVE-2021-21653
Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier does not perform a permission check in an HTTP endpoint, allowing with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
PT-2021-14696 · Jenkins · Jenkins Xray - Test Management For Jira Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Xray - Test Management for Jira Plugin versions 2.4.0 and earlier Description: The issue concerns a lack of permission check in an HTTP endpoint, allowing users with Overall/Read permission to enumerate credentials IDs of credentials...