Jenkins Bitbucket OAuth Plugin CSRF Vulnerability: User Account Hijacking

Jenkins Bitbucket OAuth Plugin CSRF Vulnerability: User Account Hijacking

CVE-2023-24428 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account.

Learn more about our User Device Pen Test.