2 matches found
BIT-JENKINS-2026-53437
Jenkins 2.567 and earlier, LTS 2.555.2 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins when it contains tab or newline characters between //, allowing attackers to perform phishing attacks...
CVE-2026-53437
CVE-2026-53437 affects Jenkins 2.567 and earlier, and LTS 2.555.2 and earlier. The issue is an open redirect: the redirect URL after login is incorrectly treated as pointing to Jenkins when it contains tab or newline characters between â//â, enabling phishing attacks. The connected Nessus entry f...