CVE-2020-5261
The CVE concerns Sustainsys.Saml2 (ASP.NET, NuGet) versions greater than 2.0.0 and less than 2.5.0, which have a faulty Token Replay Detection implementation. Token Replay Detection is cited as a defense in depth for SSO; the 2.5.0 release is patched, while 1.0.1 and earlier are reported as safe....