Lucene search
K

5 matches found

CNNVD
CNNVD
added 2026/05/28 12:0 a.m.10 views

Casdoor 安全漏洞

Casdoor is an open-source platform developed by Casdoor that supports various authentication and authorization protocols. Versions of Casdoor prior to 2.362.0 contained security vulnerabilities. These vulnerabilities stemmed from a cross-organizational token exchange issue. The...

5.8AI score0.0042EPSS
Exploits0References1
CVE
CVE
added 2026/04/03 11:45 a.m.17 views

CVE-2026-5467

Casdoor 2.356.0 contains a vulnerability in the OAuth Authorization Request Handler where manipulating the redirect_uri enables an open redirect. The issue can be triggered remotely; a public exploit exists. The vendor was contacted but no response. No remediation details are provided in the sour...

6.1CVSS5.5AI score0.00324EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/10/08 12:0 a.m.5 views

Casdoor 安全漏洞

Casdoor is an open source platform from Casdoor Open Source that supports multiple authentication and authorization protocols. A security vulnerability exists in Casdoor versions prior to 2.26.0, which stems from a flaw in the permission validation module and editing interface that could lead to ...

7.2CVSS6.5AI score0.00613EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/03/06 12:0 a.m.6 views

The vulnerability of the application programming interface of the IAM and SSO Casdoor platform allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the application programming interface of the IAM and SSO Casdoor platform relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gain unauthorized access to protected...

7.8CVSS7.3AI score0.58927EPSS
Exploits9References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/09/02 12:0 a.m.4 views

The vulnerability of the IAM and SSO Casdoor platform lies in its ability to download files of a malicious nature without limitation. This allows a hacker to download and execute any file on the target system.

The vulnerability of the IAM and SSO Casdoor platform lies in its ability to allow unlimited loading of malicious files. Exploiting this vulnerability could enable a malicious actor, operating remotely, to load and execute any file on the target system...

10CVSS5.6AI score
Exploits0References1Affected Software1
Rows per page
Query Builder