An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1qMjc5LWN4OW0tanYzd84AAWxT

Jenkins Google Login Plugin Open Redirect vulnerability

An open redirect vulnerability exists in Jenkins Google Login Plugin 1.3 and older in that allows attackers to redirect users to an arbitrary URL after successful login. Google Login Plugin 1.3.1 only performs redirects to relative URLs.

Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: over 1 year ago
Updated: 8 months ago

CVSS Score: 5.4
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Identifiers: GHSA-j279-cx9m-jv3w, CVE-2018-1000174

Affected Packages

Versions: <= 1.3
Fixed in: 1.3.1