Vulnerabilities > Jenkins > Openshift Login > 1.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-12 | CVE-2023-37946 | Session Fixation vulnerability in Jenkins Openshift Login Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier does not invalidate the previous session on login. | 8.8 |
| 2023-07-12 | CVE-2023-37947 | Open Redirect vulnerability in Jenkins Openshift Login Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks. | 6.1 |