BugTraq
Jasig CAS server vulnerabilities Sep 21 2015 12:53PM
Antoni Klajn (antoni d klajn pwr edu pl)
Hi,

Jasig CAS server version 4.0.1 is prone to XSS vulnerabilities.

Timeline:

20.02.2015 - Vendor notified
11.05.2015 - Patches released
21.09.2015 - Bugtraq disclosure

Vulnerable version:

4.0.1

Fixed version:

4.0.2

Vulnerability details:

1) XSS in OpenID server

Obtain method:
Paste thi...

Copyright 2010, SecurityFocus