CAS plugin account hijacking vulnerability
Posted on 2025-05-21 by Florian Scholdei
Hey SCM-Manager Community,
we have discovered a vulnerability in the CAS plugin that could potentially lead to unauthorized access to user accounts. Under certain conditions, it would have been possible to perform actions on behalf of other users. We immediately reworked the…
Posted in scm-manager, security