3 matches found
SSOReady has an XML Signature Bypass via differential XML parsing
Affected versions are vulnerable to XML signature bypass attacks. An attacker can carry out signature bypass if you have access to certain IDP-signed messages. The underlying mechanism exploits differential behavior between XML parsers. Users of https://ssoready.com, the public hosted instance of...
GO-2024-3185 XML Signature Bypass via differential XML parsing in ssoready in github.com/ssoready/ssoready
XML Signature Bypass via differential XML parsing in ssoready in github.com/ssoready/ssoready...
CVE-2024-47832 XML Signature Bypass via differential XML parsing in ssoready
ssoready is a single sign on provider implemented via docker. Affected versions are vulnerable to XML signature bypass attacks. An attacker can carry out signature bypass if you have access to certain IDP-signed messages. The underlying mechanism exploits differential behavior between XML parsers...