Описание
Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled, allows remote attackers to inject arbitrary web script or HTML via a callback URL.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libphp-cas | itp | package | ||
| glpi | removed | package | ||
| moodle | fixed | 1.9.9.dfsg2-2 | package |
Примечания
Only supported behind an authenticated HTTP zone
EPSS
Процентиль: 73%
0.00743
Низкий
Связанные уязвимости
nvd
больше 15 лет назад
Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled, allows remote attackers to inject arbitrary web script or HTML via a callback URL.
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled, allows remote attackers to inject arbitrary web script or HTML via a callback URL.
EPSS
Процентиль: 73%
0.00743
Низкий