CAS plugin account hijacking vulnerability
Posted on 2025-05-21 by Florian Scholdei
Hey SCM-Manager Community,
we have discovered a vulnerability in the CAS plugin that could potentially lead to unauthorized access to user accounts. Under certain conditions, it would have been possible to perform actions on behalf of other users. We immediately reworked the plugin and released an update that fixes this vulnerability and improves access security.
We strongly recommend that all users update to the latest version of the scm-cas-plugin. If you are currently using a 2.x version, please upgrade to 2.5.1. If you are currently using a 3.x version, please upgrade to 3.3.2.
If you don't use the CAS plugin, you are not affected by this issue. We take security seriously and are always working to keep our platform safe. Thank you for your trust and continued support.
Posted in scm-manager, security