CVE-2018-1000174

An open redirect vulnerability exists in Jenkins Google Login Plugin 1.3 and older in GoogleOAuth2SecurityRealm.java that allows attackers to redirect users to an arbitrary URL after successful login.
References
Link Resource
https://jenkins.io/security/advisory/2018-04-16/ Vendor Advisory
http://www.securityfocus.com/bid/104211 Third Party Advisory VDB Entry
Configurations

Configuration 1

cpe:2.3:a:jenkins:google_login:*:*:*:*:*:jenkins:*:*

Information

Published : 2018-05-08 03:29

Updated : 2018-06-13 02:53


NVD link : CVE-2018-1000174

Mitre link : CVE-2018-1000174

Products Affected
No products.
CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')