Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:29 a.m.14 views

CVE-2023-50771

Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks...

6.1CVSS6.7AI score0.006EPSS
Exploits0
NVD
NVD
added 2023/12/13 6:15 p.m.24 views

CVE-2023-50771

Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks...

6.1CVSS0.006EPSS
Exploits0References2
OSV
OSV
added 2023/12/13 6:15 p.m.3 views

CVE-2023-50771

Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks...

6.1CVSS7AI score
Exploits0References2
Cvelist
Cvelist
added 2023/12/13 5:30 p.m.28 views

CVE-2023-50771

Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks...

6.8AI score0.006EPSS
Exploits0References2
CVE
CVE
added 2023/12/13 5:30 p.m.66 views

CVE-2023-50771

The vulnerability CVE-2023-50771 affects Jenkins OpenId Connect Authentication Plugin versions 2.6 and earlier. Root cause: the plugin improperly validates the redirect URL after login, allowing an attacker to phishingly redirect to a malicious site instead of Jenkins. Impact (per sources): poten...

6.1CVSS6.2AI score0.006EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder