CVE-2025-24398 Information

Description

Jenkins Bitbucket Server Integration Plugin 2.1.0 through 4.1.3 (both inclusive) allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.

Reference

https://www.jenkins.io/security/advisory/2025-01-22/#SECURITY-3434
