The vulnerability of the digital signature and XML encryption library for Node.js’ xml-crypto, related to improper verification of cryptographic signatures, allows attackers to forge digital signatures.

The vulnerability of the digital signature and encryption library for Node.js’ xml-crypto is related to improper validation of the cryptographic signature. Exploiting this vulnerability allows a malicious actor to forge digital signatures by inserting a newly created, specially crafted signature...