Marvin S. Addison

1 exploit Active since Feb 2015
CVE-2015-1169 WRITEUP WRITEUP
Apereo Central Authentication Service < 3.5.2 - LDAP Injection via Username Parameter
Apereo Central Authentication Service (CAS) Server before 3.5.3 allows remote attackers to conduct LDAP injection attacks via a crafted username, as demonstrated by using a wildcard and a valid password to bypass LDAP authentication.