Vulnerable Systems:
* SonarQube Plugin for Jenkins 3.7
SonarQube Plugin for Jenkins contains a flaw that is triggered when a direct request is sent for /jenkins/configure, which will cause the plugin to display password information via the 'sonar.sonarPassword ' parameter. This may allow a remote authenticated attacker to gain access to password information.