GHSA-mj62-m63x-mh84, CVE-2023-24445
maven/org.jenkins-ci.plugins/openid
Open redirect vulnerability in Jenkins OpenID Plugin
Jenkins OpenID Plugin 2.4 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins.
All versions up to 2.4
Unfortunately, there is no solution available yet.
2023-01-27
source |