CVE-2024-11207 | Apereo CAS 6.6 /login redirect_uri

A vulnerability has been found in Apereo CAS 6.6 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login. The manipulation of the argument redirect_uri leads to open redirect.

This vulnerability is known as CVE-2024-11207. The attack can be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-11207 | Apereo CAS 6.6 /login redirect_uri

Related Posts

CVE-2024-4293 | PHPGurukul Doctor Appointment Management System 1.0 appointment-bwdates-reports-details.php fromdate/todate cross site scripting

CVE-2024-5344 | Plus Addons for Elementor Page Builder Plugin up to 5.5.6 on WordPress WP Login/Register Widget cross site scripting

CVE-2024-10557 | code-projects Blood Bank Management System 1.0 /file/updateprofile.php cross-site request forgery

CVE-2024-4164 | Tenda G3 15.11.0.17(9502) ModifyPppAuthWhiteMac formModifyPppAuthWhiteMac pppoeServerWhiteMacIndex stack-based overflow