
7 matches found

RedhatCVE
added 2026/06/18 7:43 p.m. · 8 views

CVE-2026-53437

A flaw was found in Jenkins. This vulnerability allows a remote attacker to perform phishing attacks by crafting a malicious redirect URL. The flaw occurs because Jenkins improperly validates redirect URLs after login, specifically when tab or newline characters are present between the // in the...

CVSS 7.4 · AI score 5 · EPSS 0.00364
Exploits: 0 · References: 4

OSV
added 2026/06/12 12:28 p.m. · 6 views

OESA-2026-2679 python-webob security update

WebOb provides wrappers around the WSGI request environment, and an object to help create WSGI responses. The objects map much of the specified behavior of HTTP, including header parsing and accessors for other standard parts of the environment. Security Fixes: Impact When WebOb normalizes the HT...

CVSS 6.1 · AI score 5.3 · EPSS 0.00161
Exploits: 0 · References: 2

OSV
added 2026/06/12 8:43 a.m. · 5 views

BIT-JENKINS-2026-53437

Jenkins 2.567 and earlier, LTS 2.555.2 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins when it contains tab or newline characters between //, allowing attackers to perform phishing attacks...

CVSS 7.4 · AI score 5.4 · EPSS 0.00364
Exploits: 0 · References: 2

NVD
added 2026/06/10 2:16 p.m. · 10 views

CVE-2026-53437

Jenkins 2.567 and earlier, LTS 2.555.2 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins when it contains tab or newline characters between //, allowing attackers to perform phishing attacks...

CVSS 7.4 · EPSS 0.00364
Exploits: 0 · References: 4

Cvelist
added 2026/06/10 1:5 p.m. · 36 views

CVE-2026-53437

Jenkins 2.567 and earlier, LTS 2.555.2 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins when it contains tab or newline characters between //, allowing attackers to perform phishing attacks...

EPSS 0.00364
Exploits: 0 · References: 1

CVE
added 2026/06/10 1:5 p.m. · 24 views

CVE-2026-53437

CVE-2026-53437 affects Jenkins 2.567 and earlier, and LTS 2.555.2 and earlier. The issue is an open redirect: the redirect URL after login is incorrectly treated as pointing to Jenkins when it contains tab or newline characters between “//”, enabling phishing attacks. The connected Nessus entry f...

CVSS 7.4 · AI score 5.5 · EPSS 0.00364
Exploits: 0 · References: 4 · Affected Software: 1

Positive Technologies
added 2024/04/17 12:0 a.m. · 6 views

PT-2024-24591 · Phlex · Phlex

Name of the Vulnerable Software and Affected Versions: phlex versions prior to 1.10.1; phlex versions prior to 1.9.2; phlex versions prior to 1.8.3; phlex versions prior to 1.7.2; phlex versions prior to 1.6.3; phlex versions prior to 1.5.3; phlex versions prior to 1.4.2. Description: There is a potenti...

CVSS 7.1 · AI score 6 · EPSS 0.00575
Exploits: 0 · References: 14