Description
Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure.
Remediation
References
http://www.openwall.com/lists/oss-security/2020/07/02/7
https://jenkins.io/security/advisory/2020-07-02/#SECURITY-1656
Related Vulnerabilities
CVE-2018-17421 Vulnerability in maven package com.zrlog:zrlog
CVE-2019-1010260 Vulnerability in maven package com.github.shyiko:ktlint
CVE-2019-0201 Vulnerability in maven package org.apache.zookeeper:zookeeper
CVE-2018-20821 Vulnerability in npm package node-sass
CVE-2019-10785 Vulnerability in maven package org.webjars.npm:dojox