Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:40 a.m.6 views

CVE-2022-26493

Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. An attacker with access to a HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signatur...

9.8CVSS7AI score0.00545EPSS
Exploits0References1
Circl
Circl
added 2022/06/03 10:26 p.m.6 views

CVE-2022-26493

creationtimestamp| type| source ---|---|--- 2022-06-03 22:26:46+00:00| seen| https://t.me/cibsecurity/43829...

9.8CVSS8.6AI score0.00545EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/03 6:15 p.m.2 views

CVE-2022-26493

Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. An attacker with access to a HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signatur...

9.8CVSS5.9AI score0.00545EPSS
Exploits0References3
CVE
CVE
added 2022/06/03 4:0 p.m.119 views

CVE-2022-26493

CVE-2022-26493 affects Xecurify’s miniOrange Drupal SAML SP modules (Premium, Standard, Enterprise) for Drupal 7, 8, and 9. The root cause is an authentication/authorization bypass via removing the SAML Assertion Signature, allowing an attacker who can intercept HTTP requests to impersonate exist...

9.8CVSS8.8AI score0.00545EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/06/03 4:0 p.m.21 views

CVE-2022-26493 miniOrange SAML Authentication Bypass

Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. An attacker with access to a HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signatur...

9.8CVSS9.8AI score0.00545EPSS
Exploits0References1
Rows per page
Query Builder