SonarSource SonarQube Server < 9.9.5 / 10.x < 10.5 GitHub Integration JWT Exfiltration (CVE-2024-47910)
Description

The version of SonarSource SonarQube Server running on the remote host is prior to 9.9.5 or 10.x prior to 10.5. It is, therefore, affected by an information disclosure vulnerability: a SonarQube user with the Administrator role can modify an existing configuration of a GitHub integration to exfiltrate a pre-signed JWT. (CVE-2024-47910) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version…