CVE-2026-42525
MEDIUM SEVERITYCVSS Score & Metrics
Base Score
4.3 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Vulnerability Description
Jenkins Microsoft Entra ID (previously Azure AD) Plugin 666.v6060de32f87d and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-601
Source
NVD
Vendor
Jenkins Project
Product
Jenkins Microsoft Entra ID (previously Azure AD) Plugin
Discussion (0)
Add Comment
No comments yet. Be the first!