2019-10-16 13:00:45
jenkins
PUBLISHED
A missing permission check in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier in various doFillCredentialsIdItems methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.