Jenkins OpenId Connect Authentication Plugin 2.6 and previous versions improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing malicious users to perform phishing attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins openid |