CVE-2022-28133
CVE-2022-28133 : Jenkins Bitbucket Server Integration Plugin 3.1.0 and earlier is vulnerable to stored XSS because it does not limit URL schemes for callback URLs on OAuth consumers. This allows an attacker who can create Bitbucket Server consumers to execute JavaScript in a victim’s browser. Aff...