> Do you have a link to a ticket or discussion about this? I'm curious what > vulnerability is introduced by having CAS issue this untrusted redirect.
Think this is it: https://issues.jasig.org/browse/CAS-885 Also, see 3.4.2.1 release notes. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
