CVE-2026-41103 Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability

...

CVE-2024-21401

Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability...

CVE-2024-21401

The CVE-2024-21401 entry concerns Microsoft Entra Jira Single-Sign-On Plugin. Connected PT-2024-1867 indicates the vulnerability involves insufficient access restrictions, allowing a remote attacker to elevate privileges. The PTSecurity note explicitly says affected versions are not specified and...

PT-2024-1867 · Microsoft · Entra Jira Single-Sign-On Plugin

Name of the Vulnerable Software and Affected Versions: Microsoft Entra Jira Single-Sign-On Plugin affected versions not specified Description: The issue is related to insufficient access restrictions in the Microsoft Entra Jira Single-Sign-On Plugin, which can be exploited by a remote attacker to...

WordPress YourMembership Single Sign On Plugin <= 1.1.3 is vulnerable to Broken Access Control

Software YourMembership Single Sign On Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.1.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-37987 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9b1dfdc28505 Credits Aman Rawat...

CloudBees Jenkins SAML PluginHTTP Session Fixation Vulnerability

CloudBees Jenkins is a Java-based continuous integration tool from CloudBees, Inc. that is used to monitor ongoing software releases/testing projects and timed tasks.SAML Plugin is a plugin that supports authentication to Jenkins using the SAML 2.0 protocol. SAML Plugin A session fixation...