Download
| Alert*
|
oval:org.secpod.oval:def:21032
Marvin S. Addison discovered that Jasig phpCAS, a PHP library for the CAS authentication protocol, did not encode tickets before adding them to an URL, creating a possibility for cross site scripting. oval:org.secpod.oval:def:107397 Jasig CAS Client for Java is the integration point for applications that want to speak with a CAS server, either via the CAS 1.0 or CAS 2.0 protocol. |
