Joachim Fritschi: >> Phpcas >> 0.4.1 Security Vulnerabilities
phpCAS before 1.1.2 allows remote authenticated users to hijack sessions via a query string containing a crafted ticket value.
CVSS Score
4.0
EPSS Score
0.006
Published
2010-08-05
Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled, allows remote attackers to inject arbitrary web script or HTML via a callback URL.
CVSS Score
2.6
EPSS Score
0.007
Published
2010-08-05