XML external entity (XXE) vulnerability in java/org/jasig/cas/util/SamlUtils.java in Jasig CAS server before 3.4.12.1 and 3.5.x before 3.5.2.1, when Google Accounts Integration is enabled, allows remote unauthenticated users to bypass authentication via crafted XML data.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2018-07-20T17:00:00
Updated: 2024-08-06T10:06:00.271Z
Reserved: 2014-03-06T00:00:00
Link: CVE-2014-2296

No data.

Status : Modified
Published: 2018-07-20T17:29:00.210
Modified: 2024-11-21T02:06:01.583
Link: CVE-2014-2296

No data.