CVE 2019-10465
A missing permission check in Jenkins Deploy WebLogic Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials, or determine whether a file or directory with an attacker-specified path exists on the Jenkins master file system.
See the
CVE page on Mitre.org
for more details.