Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins bitbucket oauth vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2019-10460
Jenkins Bitbucket OAuth Plugin 0.9 and previous versions stored credentials unencrypted in the global config.xml configuration file on the Jenkins master where they could be viewed by users with access to the master file system.
Jenkins Bitbucket Oauth
NA
CVE-2023-24427
Jenkins Bitbucket OAuth Plugin 0.12 and previous versions does not invalidate the previous session on login.
Jenkins Bitbucket Oauth
NA
CVE-2023-24428
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and previous versions allows malicious users to trick users into logging in to the attacker's account.
Jenkins Bitbucket Oauth
312
VMScore
CVE-2022-28133
Jenkins Bitbucket Server Integration Plugin 3.1.0 and previous versions does not limit URL schemes for callback URLs on OAuth consumers, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create BitBucket Server consumers.
Jenkins Bitbucket Server Integration
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4956
validation
CVE-2024-35221
remote attackers
CVE-2023-30309
CVE-2024-36112
CVE-2024-23109
CVE-2023-43850
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started