CVE-2019-10370

Jenkins Mask Passwords Plugin 2.12.0 and earlier transmits globally configured passwords in plain text as part of the configuration form, potentially resulting in their exposure. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt