passport-wsfed-saml2 is vulnerable to elevation of privileges. When a SAML identity provider doesn’t sign the entire SAML response, attackers can change the NameIdentifier
to login as a different user. The attacker needs either be able to intercept encrypted traffic and modify SAML responses on the fly or have an existing attack.
CPE | Name | Operator | Version |
---|---|---|---|
passport-wsfed-saml2 | le | 3.0.4 |