| Summary | An issue was discovered in SonarSource SonarQube before 9.9.5 LTA and 10.x before 10.5. A SonarQube user with the Administrator role can modify an existing configuration of a GitHub integration to exfiltrate a pre-signed JWT. |
|---|---|
| Publication Date | Oct. 5, 2024, 6:15 a.m. |
| Registration Date | Oct. 5, 2024, noon |
| Last Update | Oct. 8, 2024, 2:48 a.m. |