2 matches found
CVE-2023-24445
CVE-2023-24445 affects Jenkins OpenID Plugin 2.4 and earlier, which improperly determines that a redirect URL after login points to Jenkins, enabling phishing via open redirects. Public documents (NVD, ENISA EUVD, Red Hat, GHSA, OSS OSV, Tenable Nessus) consistently describe this open redirect is...
CVE-2023-24445
Jenkins OpenID Plugin 2.4 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins...