5 matches found

Github Security Blog
added 2022/03/30 12:0 a.m. · 21 views

Stored XSS vulnerability in Jenkins Bitbucket Server Integration Plugin

Jenkins Bitbucket Server Integration Plugin 3.1.0 and earlier does not limit URL schemes for callback URLs on OAuth consumers, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create Bitbucket Server consumers...

CVSS 5.4 · AI score 2.6 · EPSS 0.00792
Exploits 0 · References 4 · Affected Software 1
Github Security Blog
added 2022/03/30 12:0 a.m. · 26 views

Missing permission checks in Jenkins Bitbucket Server Integration Plugin

Jenkins Bitbucket Server Integration Plugin 3.1.0 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to create, view, and delete Bitbucket Server consumers...

CVSS 5.5 · AI score 2.4 · EPSS 0.00642
Exploits 0 · References 4 · Affected Software 1
AlpineLinux
added 2022/03/29 12:30 p.m. · 64 views

CVE-2022-28134

Jenkins Bitbucket Server Integration Plugin 3.1.0 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to create, view, and delete Bitbucket Server consumers...

CVSS 5.5 · AI score 2.7 · EPSS 0.00642
Exploits 0 · References 2
AlpineLinux
added 2022/03/29 12:30 p.m. · 68 views

CVE-2022-28133

Jenkins Bitbucket Server Integration Plugin 3.1.0 and earlier does not limit URL schemes for callback URLs on OAuth consumers, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create Bitbucket Server consumers...

CVSS 5.4 · AI score 2.7 · EPSS 0.00792
Exploits 0 · References 2
Positive Technologies
added 2022/03/29 12:0 a.m. · 7 views

PT-2022-18832 · Jenkins · Jenkins Bitbucket Server Integration Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Bitbucket Server Integration Plugin versions 3.1.0 and earlier
Description: The issue allows attackers with Overall/Read permission to create, view, and delete Bitbucket Server consumers due to a lack of permission checks in several...

CVSS 5.5 · AI score 5.3 · EPSS 0.00642
Exploits 0 · References 8