Author: Florian Scholdei

News and posts by Florian Scholdei

CAS plugin account hijacking vulnerability

Posted on 2025-05-21 by Florian Scholdei

Hey SCM-Manager Community,

we have discovered a vulnerability in the CAS plugin that could potentially lead to unauthorized access to user accounts. Under certain conditions, it would have been possible to perform actions on behalf of other users. We immediately reworked the…

Posted in scm-manager, security

JWT Configuration and SQLite Support

Posted on 2025-03-11 by Florian Scholdei

With the next minor release, we are introducing some exciting changes, particularly regarding JWT (JSON Web Token) configuration and Javadoc. We would also like to give you an outlook on what lies ahead regarding SQLite.

JWT – Flexible Lifetime Configuration

You will be able to…

Posted in scm-manager