Vendor CVEs
Apereo
All CVEs
22 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-32985 | Cri | 0.72 | 9.8 | 0.01 | Mar 20, 2026 | Xerte Online Toolkits versions 3.14 and earlier contain an unauthenticated arbitrary file upload vulnerability in the template import functionality that allows remote attackers to execute arbitrary code by uploading a crafted ZIP archive containing malicious PHP payloads.… | ||
| CVE-2014-2296 | Hig | 0.57 | 8.8 | 0.02 | Jul 20, 2018 | XML external entity (XXE) vulnerability in java/org/jasig/cas/util/SamlUtils.java in Jasig CAS server before 3.4.12.1 and 3.5.x before 3.5.2.1, when Google Accounts Integration is enabled, allows remote unauthenticated users to bypass authentication via crafted XML data. | ||
| CVE-2017-1000071 | Hig | 0.53 | 8.1 | 0.04 | Jul 17, 2017 | Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server. | ||
| CVE-2025-12266 | Med | 0.41 | 6.3 | 0.00 | Oct 27, 2025 | A vulnerability was detected in Zytec Dalian Zhuoyun Technology Central Authentication Service up to 20251009. This vulnerability affects the function _empty of the file /index.php/auth/widget. Performing manipulation of the argument get.layer/get.widget/get.action results in… | ||
| CVE-2017-1000221 | Med | 0.35 | 6.5 | 0.01 | Nov 17, 2017 | In Opencast 2.2.3 and older if user names overlap, the Opencast search service used for publication to the media modules and players will handle the access control incorrectly so that users only need to match part of the user name used for the access restriction. For example, a… | ||
| CVE-2025-3986 | 0.00 | — | 0.01 | Apr 27, 2025 | A vulnerability was found in Apereo CAS 5.2.6. It has been declared as problematic. This vulnerability affects unknown code of the file cas-5.2.6\core\cas-server-core-configuration-metadata-repository\src\main\java\org\apereo\cas\metadata\rest\CasConfigurationMetadataServerContro… | |||
| CVE-2025-3985 | 0.00 | — | 0.01 | Apr 27, 2025 | A vulnerability was found in Apereo CAS 5.2.6. It has been classified as problematic. This affects the function ResponseEntity of the file cas-5.2.6\webapp-mgmt\cas-management-webapp-support\src\main\java\org\apereo\cas\mgmt\services\web\ManageRegisteredServicesMultiActionControl… | |||
| CVE-2025-3984 | 0.00 | — | 0.00 | Apr 27, 2025 | A vulnerability was found in Apereo CAS 5.2.6 and classified as critical. Affected by this issue is the function saveService of the file cas-5.2.6\webapp-mgmt\cas-management-webapp-support\src\main\java\org\apereo\cas\mgmt\services\web\RegisteredServiceSimpleFormController.java… | |||
| CVE-2024-11209 | 0.00 | — | 0.01 | Nov 14, 2024 | A vulnerability was found in Apereo CAS 6.6. It has been classified as critical. This affects an unknown part of the file /login?service of the component 2FA. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been… | |||
| CVE-2024-11208 | 0.00 | — | 0.01 | Nov 14, 2024 | A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login?service. The manipulation leads to session expiration. The attack may be launched remotely. The complexity of an attack is rather… | |||
| CVE-2024-11207 | 0.00 | — | 0.00 | Nov 14, 2024 | A vulnerability has been found in Apereo CAS 6.6 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login. The manipulation of the argument redirect_uri leads to open redirect. The attack can be launched remotely. The exploit… | |||
| CVE-2018-16153 | 0.00 | — | 0.01 | Dec 12, 2023 | An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations. | |||
| CVE-2023-4612 | 0.00 | — | 0.01 | Nov 9, 2023 | Improper Authentication vulnerability in Apereo CAS in jakarta.servlet.http.HttpServletRequest.getRemoteAddr method allows Multi-Factor Authentication bypass.This issue affects CAS: through 7.0.0-RC7. It is unknown whether in new versions the issue will be fixed. For the date… | |||
| CVE-2023-28857 | 0.00 | — | 0.01 | Jun 27, 2023 | Apereo CAS is an open source multilingual single sign-on solution for the web. Apereo CAS can be configured to use authentication based on client X509 certificates. These certificates can be provided via TLS handshake or a special HTTP header, such as “ssl_client_cert”. When… | |||
| CVE-2022-39369 | 0.00 | — | 0.01 | Nov 1, 2022 | phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows an attacker to control the… | |||
| CVE-2015-1169 | 0.00 | — | 0.03 | Feb 10, 2015 | Apereo Central Authentication Service (CAS) Server before 3.5.3 allows remote attackers to conduct LDAP injection attacks via a crafted username, as demonstrated by using a wildcard and a valid password to bypass LDAP authentication. | |||
| CVE-2012-5583 | 0.00 | — | 0.01 | Jun 6, 2014 | phpCAS before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | |||
| CVE-2010-3692 | 0.00 | — | 0.04 | Oct 7, 2010 | Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter. | |||
| CVE-2010-3691 | 0.00 | — | 0.00 | Oct 7, 2010 | PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to overwrite arbitrary files via a symlink attack on an unspecified file. | |||
| CVE-2010-3690 | 0.00 | — | 0.03 | Oct 7, 2010 | Multiple cross-site scripting (XSS) vulnerabilities in phpCAS before 1.1.3, when proxy mode is enabled, allow remote attackers to inject arbitrary web script or HTML via (1) a crafted Proxy Granting Ticket IOU (PGTiou) parameter to the callback function in client.php, (2)… | |||
| CVE-2010-2796 | 0.00 | — | 0.03 | Aug 5, 2010 | Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled, allows remote attackers to inject arbitrary web script or HTML via a callback URL. | |||
| CVE-2010-2795 | 0.00 | — | 0.02 | Aug 5, 2010 | phpCAS before 1.1.2 allows remote authenticated users to hijack sessions via a query string containing a crafted ticket value. |
- risk 0.72cvss 9.8epss 0.01
Xerte Online Toolkits versions 3.14 and earlier contain an unauthenticated arbitrary file upload vulnerability in the template import functionality that allows remote attackers to execute arbitrary code by uploading a crafted ZIP archive containing malicious PHP payloads.…
- risk 0.57cvss 8.8epss 0.02
XML external entity (XXE) vulnerability in java/org/jasig/cas/util/SamlUtils.java in Jasig CAS server before 3.4.12.1 and 3.5.x before 3.5.2.1, when Google Accounts Integration is enabled, allows remote unauthenticated users to bypass authentication via crafted XML data.
- risk 0.53cvss 8.1epss 0.04
Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server.
- risk 0.41cvss 6.3epss 0.00
A vulnerability was detected in Zytec Dalian Zhuoyun Technology Central Authentication Service up to 20251009. This vulnerability affects the function _empty of the file /index.php/auth/widget. Performing manipulation of the argument get.layer/get.widget/get.action results in…
- risk 0.35cvss 6.5epss 0.01
In Opencast 2.2.3 and older if user names overlap, the Opencast search service used for publication to the media modules and players will handle the access control incorrectly so that users only need to match part of the user name used for the access restriction. For example, a…
- CVE-2025-3986Apr 27, 2025risk 0.00cvss —epss 0.01
A vulnerability was found in Apereo CAS 5.2.6. It has been declared as problematic. This vulnerability affects unknown code of the file cas-5.2.6\core\cas-server-core-configuration-metadata-repository\src\main\java\org\apereo\cas\metadata\rest\CasConfigurationMetadataServerContro…
- CVE-2025-3985Apr 27, 2025risk 0.00cvss —epss 0.01
A vulnerability was found in Apereo CAS 5.2.6. It has been classified as problematic. This affects the function ResponseEntity of the file cas-5.2.6\webapp-mgmt\cas-management-webapp-support\src\main\java\org\apereo\cas\mgmt\services\web\ManageRegisteredServicesMultiActionControl…
- CVE-2025-3984Apr 27, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in Apereo CAS 5.2.6 and classified as critical. Affected by this issue is the function saveService of the file cas-5.2.6\webapp-mgmt\cas-management-webapp-support\src\main\java\org\apereo\cas\mgmt\services\web\RegisteredServiceSimpleFormController.java…
- CVE-2024-11209Nov 14, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Apereo CAS 6.6. It has been classified as critical. This affects an unknown part of the file /login?service of the component 2FA. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been…
- CVE-2024-11208Nov 14, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login?service. The manipulation leads to session expiration. The attack may be launched remotely. The complexity of an attack is rather…
- CVE-2024-11207Nov 14, 2024risk 0.00cvss —epss 0.00
A vulnerability has been found in Apereo CAS 6.6 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login. The manipulation of the argument redirect_uri leads to open redirect. The attack can be launched remotely. The exploit…
- CVE-2018-16153Dec 12, 2023risk 0.00cvss —epss 0.01
An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations.
- CVE-2023-4612Nov 9, 2023risk 0.00cvss —epss 0.01
Improper Authentication vulnerability in Apereo CAS in jakarta.servlet.http.HttpServletRequest.getRemoteAddr method allows Multi-Factor Authentication bypass.This issue affects CAS: through 7.0.0-RC7. It is unknown whether in new versions the issue will be fixed. For the date…
- CVE-2023-28857Jun 27, 2023risk 0.00cvss —epss 0.01
Apereo CAS is an open source multilingual single sign-on solution for the web. Apereo CAS can be configured to use authentication based on client X509 certificates. These certificates can be provided via TLS handshake or a special HTTP header, such as “ssl_client_cert”. When…
- CVE-2022-39369Nov 1, 2022risk 0.00cvss —epss 0.01
phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows an attacker to control the…
- CVE-2015-1169Feb 10, 2015risk 0.00cvss —epss 0.03
Apereo Central Authentication Service (CAS) Server before 3.5.3 allows remote attackers to conduct LDAP injection attacks via a crafted username, as demonstrated by using a wildcard and a valid password to bypass LDAP authentication.
- CVE-2012-5583Jun 6, 2014risk 0.00cvss —epss 0.01
phpCAS before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
- CVE-2010-3692Oct 7, 2010risk 0.00cvss —epss 0.04
Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.
- CVE-2010-3691Oct 7, 2010risk 0.00cvss —epss 0.00
PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to overwrite arbitrary files via a symlink attack on an unspecified file.
- CVE-2010-3690Oct 7, 2010risk 0.00cvss —epss 0.03
Multiple cross-site scripting (XSS) vulnerabilities in phpCAS before 1.1.3, when proxy mode is enabled, allow remote attackers to inject arbitrary web script or HTML via (1) a crafted Proxy Granting Ticket IOU (PGTiou) parameter to the callback function in client.php, (2)…
- CVE-2010-2796Aug 5, 2010risk 0.00cvss —epss 0.03
Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled, allows remote attackers to inject arbitrary web script or HTML via a callback URL.
- CVE-2010-2795Aug 5, 2010risk 0.00cvss —epss 0.02
phpCAS before 1.1.2 allows remote authenticated users to hijack sessions via a query string containing a crafted ticket value.