CVSSv4: NA |
CVSSv3: 8.1 |
CVSSv2: 6.8 |
VMScore: 910 |
EPSS: 0.00615 |
KEV: Not Included
Published: 17/07/2017 Updated: 21/11/2024
Vulnerability Summary
Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server.