Red Hat PicketLink Privilege Bypass Vulnerability
Red Hat PicketLink is a unified identity management framework for Java applications. The 'invokeNextValve' function in the identity/federation/bindings/tomcat/idp/AbstractIDPValve.java file of Red Hat PicketLink failed to correctly Checking role-based authorization allows remote attackers to send...