CVE-2023-24427

Session fixation vulnerability in Jenkins Bitbucket OAuth Plugin in maven/org.jenkins-ci.plugins/bitbucket-oauth

Identifiers

CVE-2023-24427, GHSA-x9q4-qwfh-9gjq

Package Slug

maven/org.jenkins-ci.plugins/bitbucket-oauth

Vulnerability

Session fixation vulnerability in Jenkins Bitbucket OAuth Plugin

Description

Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login.

Affected Versions

All versions up to 0.13

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-01-27
