CVE-2024-47162 - How a JetBrains YouTrack Token Leak Could Compromise Your Project
If you’re using JetBrains YouTrack (especially before version 2024.3.44799), there’s a critical vulnerability you should know about: CVE-2024-47162. This flaw could
CVE-2024-21685 - Unauthenticated Information Disclosure in Jira Core Data Center (Explained + Exploit Details)
Published: June 2024
CVSS Score: 7.4 (High Severity)
Affected: Jira Core Data Center 9.4., 9.12., 9.15.
Jira Core Data Center is
CVE-2024-21401 - Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability Explained
Date discovered: February 2024
Severity: Critical
Affected product: Microsoft Entra ID (Azure AD) Jira SSO Plugin
Attack type: Elevation of Privilege (EoP)
Introduction
In early
CVE-2023-44384 - How Discourse-Jira Plugin Exposed Servers to SSRF and Data Leaks
TL;DR
CVE-2023-44384 is a critical security vulnerability in the _discourse-jira_ plugin that could let attackers abuse admin or moderation features to perform SSRF (Server-Side
CVE-2023-41932 - Exploiting the Jenkins Job Configuration History Plugin to Delete Arbitrary Directories
The software development world relies heavily on automation tools like Jenkins. Many teams use plugins to extend Jenkins’ features. But sometimes, a plugin exposes a