15 matches found
CVE-2026-48924
Jenkins Bitbucket OAuth Plugin 0.17 and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks...
Jenkins Bitbucket OAuth Plugin Security Vulnerability
The Jenkins Bitbucket OAuth Plugin is an open-source identity authentication plugin for Jenkins. Versions of the Jenkins Bitbucket OAuth Plugin prior to 0.17 contain security vulnerabilities. These vulnerabilities stem from the lack of restrictions on the redirection URL after login, which may...
EUVD-2022-3105
Malicious code in bioql PyPI...
CVE-2019-10460
Jenkins Bitbucket OAuth Plugin 0.9 and earlier stored credentials unencrypted in the global config.xml configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
Cross-site request forgery vulnerability in Jenkins Bitbucket OAuth Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account...
CVE-2023-24428
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account...
CVE-2023-24428
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account...
Cross-site request forgery (CSRF)
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account...
Design/Logic Flaw
Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login...
Jenkins Plugin Bitbucket OAuth Authorization Issue Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application: an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...
PT-2023-19587 · Jenkins · Jenkins Bitbucket Oauth Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Bitbucket OAuth Plugin versions 0.12 and earlier Description: The issue arises because the Jenkins Bitbucket OAuth Plugin does not invalidate the previous session on login, which can lead to potential security risks. Recommendations:...
CVE-2023-24427
Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login...
CVE-2023-24428
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account...
com.elasticbox.jenkins-ci.plugins:elasticbox (>=4.0.9 <=4.1.0), org.jenkins-ci.lib:xtrigger-lib (=0.36) +13 more potentially affected by CVE-2016-0789 via org.jenkins-ci.main:jenkins-core (>=1.643 <=1.649)
org.jenkins-ci.main:jenkins-core MAVEN version =1.643, =4.0.9, =1.643, =1.643, =1.645, =0.5, =1.648, =4.0.4, =1.0.0, =1.643, =1.0.45, =0.3.2, =0.3.8 - org.jenkins.plugins.statistics.gatherer:statistics-gatherer =1.0.1 Source cves: CVE-2016-0789 Source advisory: OSV:GHSA-8P3C-M625-WH83...
Unspecified Vulnerability in CloudBees Jenkins Bitbucket OAuth Plugin
CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools developed by the United States company CloudBees. The product is mainly used to monitor continuous software release/testing projects and some scheduled tasks. Bitbucket OAuth Plugin is used in which a...