CVE-2010-2796

phpCAS <1.1.2 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled, allows remote attackers to inject arbitrary web script or HTML via a callback URL.

References (19)

[Vendor Advisory] http://secunia.com/advisories/40845

[Third Party Advisory] http://secunia.com/advisories/41240

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/60895

[Various Sources] https://forge.indepnet.net/projects/glpi/repository/revisions/12601

[Various Sources] https://issues.jasig.org/browse/PHPCAS-67

[Third Party Advisory] https://wiki.jasig.org/display/CASC/phpCAS+ChangeLog

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/42160

[Mailing List, Third Party Advisory] http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046576.html

[Mailing List, Third Party Advisory] http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046584.html

[Mailing List, Third Party Advisory] http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html

[Mailing List, Third Party Advisory] http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html

[Third Party Advisory] http://www.debian.org/security/2011/dsa-2172

[Third Party Advisory] http://secunia.com/advisories/42149

[Third Party Advisory] http://secunia.com/advisories/42184

[Third Party Advisory] http://secunia.com/advisories/43427

[Third Party Advisory] http://www.vupen.com/english/advisories/2010/2234

[Third Party Advisory] http://www.vupen.com/english/advisories/2010/2261

[Third Party Advisory] http://www.vupen.com/english/advisories/2010/2909

[Third Party Advisory] http://www.vupen.com/english/advisories/2011/0456

Scores

EPSS 0.0074

EPSS Percentile 72.7%

Classification

CWE

CWE-79

Status published

Affected Products (36)

joachim_fritschi/phpcas < 1.1.1

joachim_fritschi/phpcas

... and 21 more

Timeline

Published Aug 05, 2010

Tracked Since Feb 18, 2026