Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Apereo Subscribe
Filtered by product Cas Server
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-2296 1 Apereo 1 Cas Server 2018-09-19 6.8 MEDIUM 8.8 HIGH
XML external entity (XXE) vulnerability in java/org/jasig/cas/util/SamlUtils.java in Jasig CAS server before 3.4.12.1 and 3.5.x before 3.5.2.1, when Google Accounts Integration is enabled, allows remote unauthenticated users to bypass authentication via crafted XML data.