CVE-2012-6073 Information

Description

Open redirect vulnerability in Jenkins before 1.491 Jenkins LTS before 1.480.1 and Jenkins Enterprise 1.424.x before 1.424.6.13 1.447.x before 1.447.4.1 and 1.466.x before 1.466.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Reference

http://rhn.redhat.com/errata/RHSA-2013-0220.html http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb http://www.openwall.com/lists/oss-security/2012/12/28/1 https://bugzilla.redhat.com/show_bug.cgi?id=890608 https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20