2 matches found
GHSA-P9W9-87C8-M235 Admidio Sends SAML Response to Unvalidated Assertion Consumer Service URL from AuthnRequest
Summary The SAML IdP implementation in Admidio's SSO module uses the AssertionConsumerServiceURL value directly from incoming SAML AuthnRequest messages as the destination for the SAML response, without validating it against the registered ACS URL smcacsurl stored in the database for the...
RHSSO: XSS due to lax URI scheme validation
Keycloak, an open-source identity and access management solution, has a cross-site scripting XSS vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirecturi...