2 matches found
Authentication flaw
Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. Prior to versions 1.0.3 and 2.9.2, when a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a malicious identity...
Million ASP.Net web sites affected with mass SQL injection attack
Million ASP.Net web sites affected with mass SQL injection attack Hackers are in the midst of a massively successful SQL injection attack targeting websites built on Microsoft's ASP.Net platform. About 180,000 pages have been affected so far, security researchers say. Attackers have planted...