AI Score
Confidence
Low
EPSS
Percentile
52.2%
SimpleSAMLphp before 1.15.2 allows remote attackers to bypass an open redirect protection mechanism via crafted authority data in a URL.
github.com/FriendsOfPHP/security-advisories/blob/master/simplesamlphp/simplesamlphp/CVE-2018-6520.yaml
github.com/simplesamlphp/simplesamlphp
github.com/simplesamlphp/simplesamlphp/issues/1473
nvd.nist.gov/vuln/detail/CVE-2018-6520
simplesamlphp.org/security/201801-02