EPSS Percentile: 70.5%
PySAML2 is vulnerable to XML external entity (XXE) attacks. The vulnerability allows remote malicious users to read arbitrary files using a SAML XML request or response as the injection vector for the XXE attack.
github.com/rohe/pysaml2/commit/6e09a25d9b4b7aa7a506853210a9a14100b8bc9b
github.com/rohe/pysaml2/pull/379
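
A defensive pre-parse check for the issue described above, added here as an example (it is not PySAML2's code and not the fix in the linked commit): it rejects a SAML message that declares a DOCTYPE or an entity before the message reaches a SAML library. The helper names and both sample messages are constructed for illustration, and the check assumes legitimate SAML messages carry no DTD.

```python
import xml.parsers.expat as expat

# Constructed sample messages (not captured traffic).
CLEAN = (b'<samlp:AuthnRequest '
         b'xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
         b'ID="_constructed1" Version="2.0"/>')
WITH_DTD = (b'<?xml version="1.0"?>'
            b'<!DOCTYPE r [<!ENTITY e SYSTEM "file:///constructed/placeholder">]>'
            b'<samlp:AuthnRequest '
            b'xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
            b'ID="_constructed2" Version="2.0">&e;</samlp:AuthnRequest>')


class UnsafeXML(ValueError):
    """The message is malformed or carries a DTD / entity declaration."""


def _reject(kind):
    # Build an expat callback that aborts parsing as soon as it fires.
    def handler(*_args):
        raise UnsafeXML(f"{kind} not allowed in SAML message")
    return handler


def assert_no_dtd(xml_bytes):
    """Hypothetical helper: raise UnsafeXML on any DOCTYPE or entity."""
    parser = expat.ParserCreate()
    parser.StartDoctypeDeclHandler = _reject("DOCTYPE declaration")
    parser.EntityDeclHandler = _reject("entity declaration")
    parser.ExternalEntityRefHandler = _reject("external entity reference")
    try:
        parser.Parse(xml_bytes, True)
    except expat.ExpatError as exc:
        raise UnsafeXML(f"malformed XML: {exc}") from exc


def is_safe(xml_bytes):
    # Boolean wrapper for use as a gate in front of the SAML parser.
    try:
        assert_no_dtd(xml_bytes)
    except UnsafeXML:
        return False
    return True


if __name__ == "__main__":
    for name, msg in (("clean", CLEAN), ("with DTD", WITH_DTD)):
        print(name, "->", "accept" if is_safe(msg) else "reject")
```

The check aborts at the DOCTYPE declaration, so the entity is never expanded or fetched.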