
14 matches found

NVD
added 2026/05/06 9:16 p.m., 7 views

CVE-2026-40332

Masa CMS is affected by an Open Redirect vulnerability due to improper handling of scheme-relative URLs. The application incorrectly interprets paths beginning with double slashes // as internal paths, failing to validate the redirect target before processing. The application treats these values ...

CVSS 5.3, EPSS 0.00328
Exploits 0, References 1
CVE
added 2026/05/06 8:13 p.m., 10 views

CVE-2026-40332

Masa CMS is affected by an Open Redirect vulnerability caused by improper handling of scheme-relative URLs. The system misinterprets paths beginning with // as internal and processes them without validating that the redirect target stays on the local site. An attacker can craft a link on the trus...

CVSS 5.3, AI score 5.7, EPSS 0.00328
Exploits 0, References 1
EUVD
added 2026/05/06 8:13 p.m., 8 views

EUVD-2026-28216

Masa CMS is affected by an Open Redirect vulnerability due to improper handling of scheme-relative URLs. The application incorrectly interprets paths beginning with double slashes // as internal paths, failing to validate the redirect target before processing. The application treats these values ...

CVSS 5.3, AI score 5.7, EPSS 0.00328
Exploits 0, References 1
ATTACKERKB
added 2026/05/06 8:13 p.m., 5 views

CVE-2026-40332

Masa CMS is affected by an Open Redirect vulnerability due to improper handling of scheme-relative URLs. The application incorrectly interprets paths beginning with double slashes // as internal paths, failing to validate the redirect target before processing. The application treats these values ...

CVSS 5.3, AI score 5.7, EPSS 0.00328
Exploits 0, References 2, Affected Software 1
Vulnrichment
added 2026/05/06 8:13 p.m., 8 views

CVE-2026-40332 Masa CMS open redirect via improper handling of scheme-relative URLs

Masa CMS is affected by an Open Redirect vulnerability due to improper handling of scheme-relative URLs. The application incorrectly interprets paths beginning with double slashes // as internal paths, failing to validate the redirect target before processing. The application treats these values ...

CVSS 5.3, AI score 5.7, EPSS 0.00328
Exploits 0, References 1
SUSE CVE
added 2023/02/15 5:4 a.m., 5 views

SUSE CVE-2016-3726

Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs...

CVSS 7.4, AI score 9.6, EPSS 0.02309
Exploits 1, References 3
GitHub Security Blog
added 2022/05/14 3:57 a.m., 6 views

Jenkins affected by Open Redirect Vulnerability

Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs...

CVSS 7.4, AI score 6.9, EPSS 0.02309
Exploits 1, References 7, Affected Software 1
OSV
added 2022/05/14 3:57 a.m., 2 views

GHSA-RX4R-GXPC-H85X Jenkins affected by Open Redirect Vulnerability

Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs...

CVSS 7.4, AI score 6.9, EPSS 0.02309
Exploits 1, References 7
RedHat Linux
added 2016/08/24 7:41 p.m., 4 views

jenkins: Open redirect to scheme-relative URLs (SECURITY-276)

Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs...

CVSS 7.4, AI score 6, EPSS 0.02309
Exploits 1, References 5
OSV
added 2016/05/17 2:8 p.m., 6 views

CVE-2016-3726

Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs...

CVSS 7.4, AI score 5.9
Exploits 0, References 4
Prion
added 2016/05/17 2:8 p.m., 18 views

Open redirect

Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs...

CVSS 5.8, AI score 7, EPSS 0.02309
Exploits 1, References 4, Affected Software 2
Cvelist
added 2016/05/17 2:0 p.m., 26 views

CVE-2016-3726

Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs...

AI score 7.3, EPSS 0.02309
Exploits 1, References 4
CNVD
added 2016/05/13 12:0 a.m., 4 views

CloudBees Jenkins CI and Jenkins LTS redirection vulnerability

CloudBees Jenkins CI (formerly known as Hudson Labs) is a Java-based continuous integration tool from CloudBees, Inc. It is mainly used to monitor ongoing software releases/testing projects and a number of timed tasks. LTS (Long-Term Support) is a long-supported version of CloudBees Jenkins CI is a...

CVSS 7.4, AI score 6.8, EPSS 0.02309
Exploits 1, References 1
PyPA
added 2014/08/26 2:55 p.m., 7 views

PYSEC-2014-4

The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // (slash slash) in a URL, which triggers a scheme-relative URL...

CVSS 5.8, AI score 7, EPSS 0.02277
Exploits 0, References 8, Affected Software 1