GHSA-VMM6-W4CF-7F3X Authentication Bypass For Endpoints With Anonymous Access in Opencast
Impact Using a remember-me cookie with an arbitrary username can cause Opencast to assume proper authentication for that user even if the remember-me cookie was incorrect given that the attacked endpoint also allows anonymous access. This way, an attacker can, for example, fake a remember-me toke...