A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account.

Cross-site request forgery vulnerability in Jenkins Bitbucket OAuth Plugin