2 matches found
CVE-2015-9287
creationtimestamp| type| source ---|---|--- 2019-05-13 20:31:41+00:00| seen| https://t.me/cibsecurity/4276 2019-05-20 16:30:32+00:00| seen| https://t.me/cibsecurity/4387...
CVE-2015-9287
Affected software: University of Cambridge mod_ucam_webauth before 2.0.2. Vulnerability/source: Directory Traversal due to manipulation of the IdP's WLS-Response kid field, which is not signed. Root cause: kid field should be an integer but accepts any string. Impact (per documents): attacker cou...