GHSA-77FW-RF4V-VFP9 passport-wsfed-saml2 vulnerable to Signature Bypass in SAML2 token
Information Please note that this is not a new disclosure, and is previously reported in our SECURITY-NOTICE.md which we removed in favor of github advisory. Overview This vulnerability allows an attacker to impersonate another user and potentially elevate their privileges if the SAML identity...