2 matches found
CVE-2019-12346
In the miniOrange SAML SP Single Sign On plugin before 4.8.73 for WordPress, the SAML Login Endpoint is vulnerable to XSS via a specially crafted SAMLResponse XML post...
CVE-2019-12346
The CVE-2019-12346 case concerns the WordPress plugin miniOrange SAML SP Single Sign On. Multiple sources confirm a cross-site scripting (XSS) vulnerability in the SAML Login Endpoint when processing a crafted SAMLResponse XML POST, affecting plugin versions prior to 4.8.73. The issue is document...