PT-2025-23540
Name of the Vulnerable Software and Affected Versions SignXML versions prior to 4.0.4 Description The issue concerns a potential timing attack when verifying signatures with X509 certificate validation turned off and HMAC shared secret set. This could allow users to reconstruct the correct HMAC f...