CVE-2022-23170
CVE-2022-23170 affects SysAid with Okta SSO integration and describes an XML External Entity (XXE) vulnerability. The issue arises in the identity provider endpoint via a malformed POST to the SAMLRequest, allowing an attacker to extract the identity provider endpoint by locating AssertionConsume...