High severity7.2NVD Advisory· Published Oct 4, 2024· Updated Apr 15, 2026
CVE-2024-47910
CVE-2024-47910
Description
An issue was discovered in SonarSource SonarQube before 9.9.5 LTA and 10.x before 10.5. A SonarQube user with the Administrator role can modify an existing configuration of a GitHub integration to exfiltrate a pre-signed JWT.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<9.9.5 || >=10.0,<10.5+ 1 more
- (no CPE)range: <9.9.5 || >=10.0,<10.5
- (no CPE)range: <9.9.5 LTA, >=10.0 <10.5
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.