CVE-2019-16541

Summary

Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins JIRA Plugin3.0.10 and earlieraffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References