Hi Misagh, Does this vulnerability extend to CAS versions before 6.5? We're planning an upgrade to 6.6 right now but it would be useful to know if we're currently vulnerable on 6.3.x (we have one Groovy script in our MFA flow).
Cheers, Graham. – Graham Ballantyne (he/him) Identity & Access Management Architect — IT Services Simon Fraser University — Strand Hall 1001 8888 University Dr., Burnaby, B.C. V5A 1S6 grah...@sfu.ca — 604-837-6698 > On Aug 30, 2023, at 01:35, Misagh <misagh.moay...@gmail.com> wrote: > > Please see: https://apereo.github.io/2023/08/30/groovy-vuln/ > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGSBKkdQoLdTvcC5z7Ts2MwAGwqBXrjSXQ1dze9ry5J45NEoHQ%40mail.gmail.com. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/34741195-1805-4D02-AE8F-8EC23E19DA04%40grahamballantyne.com.
