High severity vulnerability that affects samlify

2018-01-04T21:03:33
ID GHSA-8JJF-W7J6-323C
Type github
Reporter GitHub Advisory Database
Modified 2019-07-03T21:02:00

Description

An XML Signature Wrapping vulnerability exists in Samlify 2.2.0 and earlier, and in predecessor Express-saml2 which could allow attackers to impersonate arbitrary users.