Jenkins affected by Open Redirect Vulnerability

GHSA-mqgf-4rw4-2cq2 · CVE-2012-6073

Published May 14, 2022 · Modified Mar 13, 2025

Description

Open redirect vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2012-6073
WEB https://bugzilla.redhat.com/show_bug.cgi?id=890608
PACKAGE https://github.com/jenkinsci/jenkins
WEB https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20
WEB http://rhn.redhat.com/errata/RHSA-2013-0220.html
WEB http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb
WEB http://www.openwall.com/lists/oss-security/2012/12/28/1

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes