5 matches found
CVE-2023-50771
Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks...
CVE-2023-50771
Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks...
CVE-2023-50771
Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks...
CVE-2023-50771
Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks...
CVE-2023-50771
The vulnerability CVE-2023-50771 affects Jenkins OpenId Connect Authentication Plugin versions 2.6 and earlier. Root cause: the plugin improperly validates the redirect URL after login, allowing an attacker to phishingly redirect to a malicious site instead of Jenkins. Impact (per sources): poten...