CVE-2019-10280
CVE-2019-10280 affects the Jenkins Assembla Auth Plugin. The issue is that credentials are stored unencrypted in the global config.xml on the Jenkins master, allowing access to those credentials by users who can access the master filesystem. The connected documents confirm the vulnerable storage ...