Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2016-3726

Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs.

  • Published: May 17, 2016
  • Updated: Apr 13, 2023
  • CVE: CVE-2016-3726
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.4
  • AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
jenkins / jenkins - 1.651.1.x
redhat / openshift 3.1 3.1.x
redhat / openshift 3.2 3.2.x
jenkins / jenkins - 2.2.x