Samlify and express-saml2 are vulnerable to XML signature wrapping attacks. Attackers who observe SAML responses can add NameIDs to the response without breaking the signature check. This could allow them to log in as any user.
| CPE | Name | Operator | Version |
|---|---|---|---|
| | express-saml2 | le | 1.4.1 |
| | samlify | le | 2.2.0 |
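
A structural check that defends against the signature wrapping described above, as an added Python example (not code from samlify or express-saml2): it accepts a NameID only when the response contains exactly one and it sits inside the element the signature references. The sample documents are constructed, and the function assumes the signature itself is verified cryptographically elsewhere by the SAML library.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def signed_name_id(response_xml):
    # Structural check only; signature verification is assumed to happen separately.
    root = ET.fromstring(response_xml)
    name_ids = root.findall(".//saml:NameID", NS)
    if len(name_ids) != 1:
        raise ValueError(f"expected exactly one NameID, found {len(name_ids)}")
    refs = root.findall(".//ds:Signature/ds:SignedInfo/ds:Reference", NS)
    if len(refs) != 1:
        raise ValueError(f"expected exactly one signature reference, found {len(refs)}")
    uri = refs[0].get("URI", "")
    if not uri.startswith("#") or len(uri) < 2:
        raise ValueError("signature reference must point at an element ID")
    # The referenced ID must be unique, or the verifier and the reader may disagree.
    signed = [el for el in root.iter() if el.get("ID") == uri[1:]]
    if len(signed) != 1:
        raise ValueError("signed ID must match exactly one element")
    # The NameID that will be trusted must be a descendant of the signed element.
    if not any(el is name_ids[0] for el in signed[0].iter()):
        raise ValueError("NameID is outside the signed element")
    return (name_ids[0].text or "").strip()

# Constructed sample documents (signature values omitted; not real IdP output).
def sample(inside, outside=""):
    return (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"'
        ' xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"'
        ' xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_r1">'
        '<saml:Assertion ID="_a1"><ds:Signature><ds:SignedInfo>'
        '<ds:Reference URI="#_a1"/></ds:SignedInfo></ds:Signature>'
        f'<saml:Subject>{inside}</saml:Subject></saml:Assertion>{outside}'
        '</samlp:Response>'
    )

NAME = '<saml:NameID>alice@example.com</saml:NameID>'   # inside the signed Assertion
ADDED = '<saml:NameID>bob@example.com</saml:NameID>'    # added outside the signed Assertion

def rejected(xml):
    try:
        signed_name_id(xml)
    except ValueError:
        return True
    return False
```
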