GHSA-36H8-R92J-W9VW The AspNetCore Remote Authenticator for SPID Allows SAML Response Signature Verification Bypass

Description Authentication using Spid and CIE is based on the SAML2 standard which provides for two entities: Identity Provider IdP: the system that authenticates users and provides identity information SAML assertions to the Service Provider, essentially, it is responsible for managing user...

AspNetCore Remote Authenticator for SPID 授权问题漏洞

AspNetCore Remote Authenticator for SPID is an open source AspNetCore Remote Authenticator for SPID from Developers Italia. An authorization issue vulnerability exists in AspNetCore Remote Authenticator for SPID that stems from not properly verifying the signature of a SAML response. An attacker...

AspNetCore Remote Authenticator for CIE3.0 授权问题漏洞

AspNetCore Remote Authenticator for CIE3.0 is an open source AspNetCore Remote Authenticator for CIE 3.0 by Developers Italia. An authorization issue vulnerability exists in AspNetCore Remote Authenticator for CIE3.0 that stems from not properly verifying the signature of a SAML response. An...

AspNetCore Remote Authenticator for CIE3.0 Allows SAML Response Signature Verification Bypass

Authentication using Spid and CIE is based on the SAML2 standard which provides for two entities: Identity Provider IdP: the system that authenticates users and provides identity information SAML assertions to the Service Provider, essentially, it is responsible for managing user credentials and...