ServerCredentialMapping.DescriptorImpl.doFillCredentialsIdItems should probably start with
lest it expose credentials IDs and descriptions to anonymous users.
This is assuming that context is actually expected to be non-null. Though if so, why is CredentialsHelper.findValidCredentials ignoring it? If there is no item context, check something, such as Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER).
|Field||Original Value||New Value|
|Link||This issue is blocking SECURITY-158 [ SECURITY-158 ]|
|Status||Open [ 1 ]||Resolved [ 5 ]|
|Resolution||Fixed [ 1 ]|
|Workflow||JNJira [ 158931 ]||JNJira + In-Review [ 195931 ]|