CVE-2017-11427
Affected software: OneLogin PythonSAML (PythonSAML) with version 2.3.0 and earlier. Root cause: Incorrect use of XML DOM traversal and canonicalization APIs, enabling manipulation of SAML data while preserving the cryptographic signature. Impact: Potential bypass of authentication to SAML service...