2017-07-13 20:00:00
mitre
PUBLISHED
Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server.