CVE-2010-2795

phpCAS before 1.1.2 allows remote authenticated users to hijack sessions via a query string containing a crafted ticket value.

Date published : 2010-08-05

http://www.securityfocus.com/bid/42162

https://forge.indepnet.net/projects/glpi/repository/revisions/12601