Loading HuntDB...

GHSA-685j-36qx-3vp2

GitHub Security Advisory

Cross-site request forgery vulnerability in Jenkins Bitbucket OAuth Plugin

✓ GitHub Reviewed MODERATE Has CVE

Advisory Details

A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account.

Affected Packages

Maven org.jenkins-ci.plugins:bitbucket-oauth
Affected versions: 0 (fixed in 0.13)

Related CVEs

Key Information

GHSA ID
GHSA-685j-36qx-3vp2
Published
January 26, 2023 9:30 PM
Last Modified
February 6, 2023 4:43 PM
CVSS Score
5.0 /10
Primary Ecosystem
Maven
Primary Package
org.jenkins-ci.plugins:bitbucket-oauth
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 5, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.