Description
Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs.
Remediation
References
Related Vulnerabilities
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-12922)
WordPress Plugin Share Buttons by AddThis Cross-Site Request Forgery (5.3.5)
Drupal Core 5.x Multiple Cross-Site Request Forgery Vulnerabilities (5.0 - 5.1)
WordPress Plugin Badgearoo Cross-Site Scripting (1.0.8)
WordPress Plugin WooCommerce PDF Vouchers-Ultimate Gift Cards Unspecified Vulnerability (4.9.4)