2 matches found
CVE-2022-35741
creationtimestamp| type| source ---|---|--- 2022-07-18 18:39:52+00:00| seen| https://t.me/cibsecurity/46461 2022-08-14 13:05:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/6591 2022-08-14 14:30:59+00:00| published-proof-of-concept| https://t.me/MrVGunz/386...
CVE-2022-35741
The CVE-2022-35741 issue affects Apache CloudStack 4.5.0 and later, specifically the SAML 2.0 authentication Service Provider plugin. The vulnerability is XML External Entity (XXE) injection in the XML-based SAML messages parsed during authentication. Attacker must have the plugin enabled (not en...