CVE-2023-49087
The CVE-2023-49087 issue affects the xml-security library used by SimpleSAMLphp. The root cause is insufficient validation while computing or comparing signatures: if an attacker can manipulate the canonicalized DigestValue, the cryptographic signature on the SignedInfo tree could be forged. The ...