Description

Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs.

Remediation

References

CVE-2016-3726

Related Vulnerabilities

ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9455)

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5489)

WordPress Plugin Responsive Gallery Grid Cross-Site Scripting (2.3.8)

WordPress Plugin Article Directory Redux Cross-Site Scripting (1.0.2)

Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.24)

Severity

High

Classification

CVE-2016-3726 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities