← Back

Samlbase

samlbase

Vendor: Wizkunde • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-5387
1Wizkunde
1Samlbase
Nov 21, 2024
Jul 24, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Wizkunde SAMLBase may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature...Show more
Wizkunde SAMLBase may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.Show less