Vulnerabilities > Apereo > Central Authentication Service > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-27 | CVE-2023-28857 | Insufficiently Protected Credentials vulnerability in Apereo Central Authentication Service Apereo CAS is an open source multilingual single sign-on solution for the web. | 7.5 |
| 2015-02-10 | CVE-2015-1169 | Injection vulnerability in Apereo Central Authentication Service Apereo Central Authentication Service (CAS) Server before 3.5.3 allows remote attackers to conduct LDAP injection attacks via a crafted username, as demonstrated by using a wildcard and a valid password to bypass LDAP authentication. | 7.5 |