56 matches found

Cvelist
added 2026/05/29 6:15 p.m. | 27 views

CVE-2026-49381

In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible...

CVSS 3.4 | EPSS 0.00025
Exploits: 0 | References: 1

CVE
added 2026/05/29 6:15 p.m. | 8 views

CVE-2026-49381

JetBrains TeamCity prior to version 2026.1 is affected by a stored cross-site scripting (XSS) vulnerability on the SAML login page. The issue allows an attacker to inject content that could be rendered in the victim’s browser, with the CVSS basis indicating UI interaction is required and privileg...

CVSS 4.8 | AI score 5.8 | EPSS 0.00025
Exploits: 0 | References: 1 | Affected Software: 1

Positive Technologies
added 2026/04/21 12:00 a.m. | 3 views

PT-2026-33977

An improper session timeout issue in Fortra's GoAnywhere MFT prior to version 7.10.0 results in SAML configured Web Users being redirected to the regular login page instead of the SAML login page...

CVSS 4.3 | AI score 5.8 | EPSS 0.00033
Exploits: 0 | References: 2

RedhatCVE
added 2026/01/09 9:12 a.m. | 4 views

CVE-2022-0903

A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body...

CVSS 7.5 | AI score 7.1 | EPSS 0.00262
Exploits: 0 | References: 1

Snyk
added 2025/10/13 9:40 p.m. | 1 view

Insertion of Sensitive Information Into Sent Data

Overview: Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data in the oidc/saml login flows. An attacker can access sensitive information by sending crafted requests to the exposed interface. Remediation: Upgrade...

CVSS 8.6 | AI score 6.7 | EPSS 0.00051
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2020-21955

Malware in sbrugna...

CVSS 9.8 | AI score 9.4 | EPSS 0.0047
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2018-7769

Malware in sbrugna...

CVSS 6.1 | AI score 6.9 | EPSS 0.00262
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2020-23341

Malware in sbrugna...

CVSS 8.8 | AI score 8.7 | EPSS 0.01719
Exploits: 1 | References: 2

EUVD
added 2025/10/03 8:07 p.m. | 2 views

EUVD-2021-28168

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 6.2 | EPSS 0.00545
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:07 p.m. | 5 views

EUVD-2022-15935

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.5 | EPSS 0.00262
Exploits: 0 | References: 1

Tenable Nessus
added 2025/09/30 12:00 a.m. | 2 views

Mattermost Server 10.5.x < 10.5.10 / 10.9.x < 10.9.5 / 10.10.x < 10.10.2 / 10.11.0 URL Redirection (MMSA-2025-00509)

The version of Mattermost Server installed on the remote host is affected by a vulnerability as referenced in the MMSA-2025-00509 advisory. - Mattermost versions 10.10.x <= 10.10.1, 10.5.x <= 10.5.9, 10.9.x <= 10.9.4 fail to validate the redirectto parameter, allowing an attacker to craft a maliciou...

CVSS 7.6 | AI score 5.5 | EPSS 0.00045
Exploits: 0 | References: 2

Github Security Blog
added 2025/09/15 12:31 p.m. | 5 views

Mattermost Open Redirect vulnerability

Mattermost versions 10.10.x <= 10.10.1, 10.5.x <= 10.5.9, 10.9.x <= 10.9.4 fail to validate the redirectto parameter, allowing an attacker to craft a malicious link that, once a user authenticates with their SAML provider, could post the user’s cookies to an attacker-controlled URL...

CVSS 7.6 | AI score 6.8 | EPSS 0.00045
Exploits: 0 | References: 6 | Affected Software: 2

NVD
added 2025/09/15 11:15 a.m. | 2 views

CVE-2025-9072

Mattermost versions 10.10.x <= 10.10.1, 10.5.x <= 10.5.9, 10.9.x <= 10.9.4 fail to validate the redirectto parameter, allowing an attacker to craft a malicious link that, once a user authenticates with their SAML provider, could post the user’s cookies to an attacker-controlled URL...

CVSS 7.6 | EPSS 0.00045
Exploits: 0 | References: 1

Positive Technologies
added 2025/09/15 12:00 a.m. | 2 views

PT-2025-37468

Name of the Vulnerable Software and Affected Versions: Mattermost versions 10.5.0 through 10.5.9; Mattermost versions 10.9.0 through 10.9.4; Mattermost versions 10.10.0 through 10.10.1. Description: Mattermost fails to validate the redirect to parameter, potentially allowing an attacker to craft a...

CVSS 9.9 | AI score 6.3 | EPSS 0.50933
Exploits: 20 | References: 51

RedhatCVE
added 2025/05/23 2:55 a.m. | 2 views

CVE-2023-1965

An issue has been discovered in GitLab EE affecting all versions starting from 14.2 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Lack of verification on RelayState parameter allowed a maliciously crafted URL to obtain access toke...

CVSS 6.8 | AI score 6.8 | EPSS 0.00226
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 6:48 p.m. | 7 views

CVE-2021-41015

An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows an attacker to execute unauthorized code or commands via crafted HTTP requests to SAML login handler...

CVSS 6.1 | AI score 7.4 | EPSS 0.00545
Exploits: 0

RedhatCVE
added 2025/05/22 3:31 p.m. | 4 views

CVE-2020-35682

Zoho ManageEngine ServiceDesk Plus before 11134 allows an Authentication Bypass only during SAML login...

CVSS 8.8 | AI score 7 | EPSS 0.01719
Exploits: 1

RedhatCVE
added 2025/05/22 3:28 p.m. | 2 views

CVE-2020-29594

Rocket.Chat before 0.74.4, 1.x before 1.3.4, 2.x before 2.4.13, 3.x before 3.7.3, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 mishandles SAML login...

CVSS 9.8 | AI score 7 | EPSS 0.0047
Exploits: 0

Cvelist
added 2025/04/11 10:52 a.m. | 27 views

CVE-2025-23387 Rancher's SAML-based login via CLI can be denied by unauthenticated users

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher allowed unauthenticated users to list all CLI authentication tokens and delete them before the CLI is able to get the token value. This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9....

CVSS 5.3 | EPSS 0.00175
Exploits: 0 | References: 2

Cvelist
added 2025/04/11 1:57 a.m. | 12 views

CVE-2025-0126 PAN-OS: Session Fixation Vulnerability in GlobalProtect SAML Login

When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click on a malicious link provided by the attacker. T...

CVSS 8.3 | EPSS 0.00245
Exploits: 0 | References: 1