The vulnerability stems from improper URL encoding of user-controlled parameters during CAS ticket validation. The CVE description explicitly identifies two injection points: (1) the 'service' parameter in AbstractUrlBasedTicketValidator.java and (2) the 'pgtUrl' parameter in Cas20ServiceTicketValidator.java. The commit diffs (ae37092, f0e0300, #125) confirm that these parameters were added to URLs without proper encoding, allowing attackers to inject arbitrary parameters. The .NET and PHP clients had analogous flaws in their ticket-validation URL construction. All identified functions handle these parameters directly without adequate sanitization, matching the CWE-74 injection pattern described.

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| DotNetCasClient | nuget | < 1.0.2 | 1.0.2 |
| org.jasig.cas:cas-client | maven | < 3.3.2 | 3.3.2 |
| jasig/phpcas | composer | < 1.3.3 | 1.3.3 |
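
The encoding flaw described in the analysis above can be checked with a round-trip test. This is an added example, not code from the CAS client projects: the class and method names, the hosts and the parameter values are constructed for illustration, and it assumes Java 10 or later for the `Charset` overloads of `URLEncoder.encode` and `URLDecoder.decode`.

```java
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.LinkedHashMap;
import java.util.Map;

public class ValidationUrlCheck {
    // Pre-patch pattern described above: values appended to the query string as-is.
    static String buildUnencoded(String base, Map<String, String> params) {
        StringBuilder sb = new StringBuilder(base);
        char sep = '?';
        for (Map.Entry<String, String> e : params.entrySet()) {
            sb.append(sep).append(e.getKey()).append('=').append(e.getValue());
            sep = '&';
        }
        return sb.toString();
    }

    // Corrected pattern: every value is percent-encoded before concatenation.
    static String buildEncoded(String base, Map<String, String> params) {
        StringBuilder sb = new StringBuilder(base);
        char sep = '?';
        for (Map.Entry<String, String> e : params.entrySet()) {
            sb.append(sep).append(e.getKey()).append('=')
              .append(URLEncoder.encode(e.getValue(), StandardCharsets.UTF_8));
            sep = '&';
        }
        return sb.toString();
    }

    // Parse the query as the receiving server would: split on '&', then on the first '='.
    static Map<String, String> parseQuery(String url) {
        Map<String, String> out = new LinkedHashMap<>();
        for (String pair : url.substring(url.indexOf('?') + 1).split("&")) {
            String[] kv = pair.split("=", 2);
            out.put(kv[0], URLDecoder.decode(kv.length > 1 ? kv[1] : "", StandardCharsets.UTF_8));
        }
        return out;
    }

    public static void main(String[] args) {
        String base = "https://cas.example.org/cas/serviceValidate"; // constructed host
        Map<String, String> params = new LinkedHashMap<>();          // constructed values
        params.put("ticket", "ST-1-constructed");
        params.put("service", "https://app.example.org/login?next=/home&tab=2");
        params.put("pgtUrl", "https://app.example.org/proxy?id=1");
        // Round-trip check: the server must see exactly the parameters the client meant to send.
        System.out.println("unencoded: " + parseQuery(buildUnencoded(base, params)).equals(params));
        System.out.println("encoded:   " + parseQuery(buildEncoded(base, params)).equals(params));
    }
}
```

With the unencoded builder, the `&` inside the `service` value splits it into a truncated `service` and a separate top-level `tab` parameter, so the round trip fails; the encoded builder preserves all three values intact.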