Posted on Leave a comment

CVE-2019-10347

Jenkins Mashup Portlets Plugin stored credentials unencrypted on the Jenkins master where they can be viewed by users with access to the master file system.

What are your thoughts?