cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-24398,https://securityvulnerability.io/vulnerability/CVE-2025-24398,CSRF Bypass Vulnerability in Jenkins Bitbucket Server Integration Plugin by Jenkins,"The Jenkins Bitbucket Server Integration Plugin, versions 2.1.0 through 4.1.3, is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability. This flaw allows attackers to manipulate URLs to bypass the CSRF protections implemented in Jenkins, potentially leading to unauthorized actions within the Jenkins environment. It is crucial for users of the affected versions to update promptly to maintain system integrity and safeguard against possible exploitation.",Jenkins,Jenkins Bitbucket Server Integration Plugin,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-22T17:02:52.362Z,0
CVE-2022-28133,https://securityvulnerability.io/vulnerability/CVE-2022-28133,Stored XSS Vulnerability in Bitbucket Server Integration Plugin by Jenkins,"The Bitbucket Server Integration Plugin for Jenkins before version 3.1.0 lacks restrictions on URL schemes for callback URLs when used with OAuth consumers. This oversight enables attackers with the capability to create Bitbucket Server consumers to exploit the system, resulting in the potential execution of malicious scripts within the user's browser context, thus compromising user data and application security.",Jenkins,Jenkins Bitbucket Server Integration Plugin,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-03-29T13:15:00.000Z,0
CVE-2022-28134,https://securityvulnerability.io/vulnerability/CVE-2022-28134,Insufficient Permissions in Jenkins Bitbucket Server Integration Plugin,"The Jenkins Bitbucket Server Integration Plugin versions 3.1.0 and earlier are prone to insufficient permission checks within several HTTP endpoints. This flaw permits attackers possessing Overall/Read permissions to create, view, and delete consumers associated with Bitbucket Server. Exploiting this vulnerability could lead to unauthorized modifications and exposure of sensitive data, thereby compromising the overall integrity and security of the Jenkins environment.",Jenkins,Jenkins Bitbucket Server Integration Plugin,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-03-29T12:30:45.000Z,0