VU#780781: Casdoor contains multiple authentication bypass and access management vulnerabilities

Source: Kb.Cert

Published:

<p>Casdoor versions 2.362.0 and earlier contain several identity and access management vulnerabilities that enable broad authentication bypass and privilege escalation. These flaws relate to Casdoor’s Security Assertion Markup Language (SAML) processing, account binding, and token exchange mechanism

Read original article