CVE-2019-16541: jenkins-jira-plugin: plugin information disclosure

Severity: Critical

CVSS Score: 6.5

Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope.