6 matches found
Code Injection
org.apereo.cas:cas-management-webapp-support is vulnerable to Code Injection. The vulnerability is due to improper input handling due to unsanitized Groovy code execution in the saveService function, which allows remote attackers to inject and execute arbitrary code...
org.apereo.cas:cas-management-webapp (>=5.0.0 <=5.0.10) potentially affected by CVE-2025-3985 via org.apereo.cas:cas-management-webapp-support (>=5.0.0 <=5.0.9)
org.apereo.cas:cas-management-webapp-support MAVEN version =5.0.0, =5.0.0, =5.0.10 Source cves: CVE-2025-3985 Source advisory: OSV:GHSA-8RX4-FXQ5-VJ4V...
org.apereo.cas:cas-management-webapp (>=5.0.0 <=5.0.10) potentially affected by CVE-2025-3984 via org.apereo.cas:cas-management-webapp-support (>=5.0.0 <=5.0.9)
org.apereo.cas:cas-management-webapp-support MAVEN version =5.0.0, =5.0.0, =5.0.10 Source cves: CVE-2025-3984 Source advisory: OSV:GHSA-37PQ-893F-G7Q5...
org.apereo.cas:cas-management-webapp (>=5.0.0 <=5.0.10) potentially affected by CVE-2025-3984 via org.apereo.cas:cas-management-webapp-support (>=5.0.0 <=5.0.9)
org.apereo.cas:cas-management-webapp-support MAVEN version =5.0.0, =5.0.0, =5.0.10 Source cves: CVE-2025-3984 Source advisory: SNYK:JAVA-ORGAPEREOCAS-9893219...
org.apereo.cas:cas-management-webapp (>=5.0.0 <=5.0.10) potentially affected by CVE-2025-3985 via org.apereo.cas:cas-management-webapp-support (>=5.0.0 <=5.0.9)
org.apereo.cas:cas-management-webapp-support MAVEN version =5.0.0, =5.0.0, =5.0.10 Source cves: CVE-2025-3985 Source advisory: SNYK:JAVA-ORGAPEREOCAS-9893216...
org.jasig.cas:cas-management-webapp (>=4.0.0 <=4.0.7), org.jasig.cas:cas-server-webapp (>=3.5.1 <=3.6.0) potentially affected by CVE-2023-34613 via net.sf.sojo:sojo (=1.0.5)
net.sf.sojo:sojo MAVEN version =1.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on net.sf.sojo:sojo and may be impacted: - org.jasig.cas:cas-management-webapp =4.0.0, =3.5.1, =3.6.0 Source cves: CVE-2023-34613 Source advisory: OSV:GHSA-75R3-38RH-PMX...