Lucene search
The University Of Cambridge Web Authentication System Apache Authentication Agent Security Vulnerabilities
cve
Directory Traversal was discovered in University of Cambridge mod_ucam_webauth before 2.0.2. The key identification field ("kid") of the IdP's HTTP response message ("WLS-Response") can be manipulated by an attacker. The "kid" field is not signed like the rest of the message, and manipulation is th...
9.8CVSS
9.3AI Score
0.002EPSS
2019-05-13 04:29 PM
17