HackerOne: Accidental Access to Programs Information via SAML Login

On November 8th, 2018, HackerOne released software to production that contained a bug which impacted our Security Assertion Markup Language SAML authentication system. As a result of the bug, the SAML JIT Just-In-Time provisioning mechanism granted users of one customer program read-only access t...