XML Signature Wrapping Vulnerability in Shibboleth OpenSAML Library
CVE-2011-1411 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:N
Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
Learn more about our Web Application Penetration Testing UK.