A missing permission check in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Xebialabs_xl_deploy | Jenkins | * | 10.0.1 (including) |