CVE-2024-11208 | Apereo CAS 6.6 /login?service session expiration

A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login?service. The manipulation leads to session expiration.

This vulnerability is handled as CVE-2024-11208. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-11208 | Apereo CAS 6.6 /login?service session expiration

Post correlati

CVE-2023-6294 | Popup Builder Plugin up to 4.2.5 on WordPress server-side request forgery

CVE-2024-42147 | Linux Kernel up to 6.1.97/6.6.38/6.9.8 debugfs initialization

CVE-2024-5550 | h2oai h2o-3 up to 3.40.0.4 information disclosure

CVE-2024-8566 | code-projects Online Shop Store 1.0 /settings.php error cross site scripting