cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-41937,https://securityvulnerability.io/vulnerability/CVE-2023-41937,Vulnerability in Jenkins Bitbucket Plugin Exposes Credentials,"The Jenkins Bitbucket Push and Pull Request Plugin, versions 2.4.0 to 2.8.3, improperly trusts values in webhook payloads. This flaw allows attackers to send specially crafted webhook requests that can deceive the plugin into connecting to arbitrary URLs, leading to the exposure of sensitive Bitbucket credentials stored within Jenkins. This vulnerability emphasizes the need for stringent validation of incoming data and robust security measures to protect critical user information.",Jenkins,Jenkins Bitbucket Push And Pull Request Plugin,7.5,HIGH,0.001180000021122396,false,false,false,false,,false,false,2023-09-06T13:15:00.000Z,0