6 at 8:49:17 AM
To: CAS Community <cas-user@apereo.org>
Subject: [cas-user] CAS 4.1.X Cross-Frame Scripting/Clickjacking prevention?
Hi,
We are running CAS 4.1.9 overlay. Our security team, after app scanning, has
reported that CAS has a security vulnerability: Cross-frame scrip
Hi,
We are running CAS 4.1.9 overlay. Our security team, after app scanning,
has reported that CAS has a security vulnerability: Cross-frame scripting
which allows clickjacking. Basically, CAS allows itself to be framed in
another app.
If I understand it correctly, an attacker will use