Tag

Simplesamlphp

1 brief RSS

SimpleSAMLphp casserver FileSystemTicketStore Path Traversal Vulnerability

A path traversal vulnerability in SimpleSAMLphp's casserver module allows remote attackers to read and potentially delete arbitrary files outside the ticket directory by manipulating the ticket parameter in CAS validation requests, impacting confidentiality and integrity.

simplesamlphp/simplesamlphp-module-casserver <= 7.0.2 path-traversal file-deletion simplesamlphp

2r 1t 1h ago