CVE-2023-48703
CVE-2023-48703 affects the RobotsAndPencils/go-saml library. The vulnerability is an authentication bypass caused by how the xmlsec1 tool is invoked to verify SAML signatures: if the enabled key data is not restricted, an attacker can embed a forged public key in the SAML token and sign assertion...