CVE-2026-2493
IceWarp Collaboration Directory Traversal Information Disclosure (CVE-2026-2493 context) is detailed in ZDI-26-130. The flaw exists in the collaboration endpoint’s handling of the ticket parameter; improper validation of a user-supplied path before file operations allows remote attackers to discl...
USN-6914-1 ocsinventory-server vulnerability
Filip Hejsek discovered that the phpCAS library included in OCS Inventory was using HTTP headers to determine the service URL used to validate tickets. A remote attacker could possibly use this issue to gain access to a victim's account...
Uvdesk vulnerable to stored cross-site scripting (XSS)
Uvdesk version 1.1.1 allows an unauthenticated remote attacker to exploit a stored XSS in the application. This is possible because the application does not correctly validate the message sent by the clients in the ticket...
SUSE CVE-2016-6302
The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short...
Jasig Java CAS Client, .NET CAS Client, and phpCAS contain URL parameter injection vulnerability
A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client before 3.3.2, .NET CAS Client before 1.0.2, and phpCAS before 1.3.3 that allows remote attackers to inject arbitrary web script or HTML via the (1) service...
AZL-10661 CVE-2020-17049 affecting package samba 4.12.5-7
A security feature bypass vulnerability exists in the way the Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service...
Security feature bypass
A security feature bypass vulnerability exists in the way the Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service...
CVE-2014-4172
A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client before 3.3.2, .NET CAS Client before 1.0.2, and phpCAS before 1.3.3 that allows remote attackers to inject arbitrary web script or HTML via the (1) service...
CVE-2018-13257
The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP Host header spoofing during Central Authentication Service (CAS) service ticket validation, enabling a phishing attack from the CAS server login page...
Design/Logic Flaw
The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP Host header spoofing during Central Authentication Service (CAS) service ticket validation, enabling a phishing attack from the CAS server login page...
OPENSUSE-SU-2019:1682-1 Security update for libheimdal
This update for libheimdal fixes the following issues: libheimdal was updated to version 7.7.0: + Bug fixes: - PKCS11 hcrypto back-end: + initialize the p11_module_load function list + verify that not only is a mechanism present but that its mechanism info states that it offers the required...
DEBIAN-CVE-2016-6302
The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short...
WordPress StageShow 5.0.8 Open Redirect
Title: Open redirect vulnerability in StageShow WordPress plugin v5.0.8. Submitter: Nitin Venkatesh. Product: StageShow WordPress Plugin. Product URL: https://wordpress.org/plugins/stageshow. Vulnerability Type: URL Redirection to Untrusted Site ('Open Redirect', CWE-601). Affected Versions: v5.0.8 and...
cas-client: Bypass of security constraints via URL parameter injection
A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client before 3.3.2, .NET CAS Client before 1.0.2, and phpCAS before 1.3.3 that allows remote attackers to inject arbitrary web script or HTML via the (1) service...
Fedora 13 : php-pear-CAS-1.1.3-1.fc13 (2010-15943)
This release contains 3 security fixes for vulnerabilities in the proxy callback mechanism. These vulnerabilities only affect phpCAS clients that are running in proxy mode. The release is fully compatible with all 1.1.x versions. The changes are: Security Issue - CVE-2010-3690 phpCAS: X...