VYPR
Moderate severityNVD Advisory· Published Jul 12, 2023· Updated Nov 7, 2024

CVE-2023-37947

CVE-2023-37947

Description

Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.openshift.jenkins:openshift-loginMaven
< 1.1.0.230.v5d7030b1.1.0.230.v5d7030b

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

1