Shibboleth » Shibboleth-identity-provider : Security Vulnerabilities, CVEs, CVSS score >= 1
Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
Max CVSS
5.8
EPSS Score
0.56%
Published
2011-09-02
Updated
2013-10-11
1 vulnerabilities found