VYPR

Packagist (Composer) package

apereo/phpcas

pkg:composer/apereo/phpcas

Vulnerabilities (2)

  • CVE-2022-39369Nov 1, 2022
    affected < 1.6.0fixed 1.6.0

    phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows an attacker to control the host

  • CVE-2010-1618Apr 29, 2010
    affected < 1.1.0fixed 1.1.0

    Cross-site scripting (XSS) vulnerability in the phpCAS client library before 1.1.0, as used in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled in an error message.