Public CVE-2010-2791 disclosure

phpCAS before 1.1.2 allows remote authenticated users to hijack sessions via a query string containing a crafted ticket value.