2 matches found
CVE-2023-24445
Jenkins OpenID Plugin 2.4 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins...
CVE-2023-24445
CVE-2023-24445 affects Jenkins OpenID Plugin 2.4 and earlier, which improperly determines that a redirect URL after login points to Jenkins, enabling phishing via open redirects. Public documents (NVD, ENISA EUVD, Red Hat, GHSA, OSS OSV, Tenable Nessus) consistently describe this open redirect is...