CVE-2014-4198
The vulnerability CVE-2014-4198 affects BS-Client Private Client, versions 2.4 and 2.5. A flaw in the authentication flow allows a two-factor bypass via an XML request that omits ADPswID and AD parameters, enabling a malicious user to access privileged functions. Root cause stated as improper han...