XML Signature Wrapping (XSW) Vulnerability in TOPdesk v12.10.12 SAML-based Single Sign-on

XML Signature Wrapping (XSW) Vulnerability in TOPdesk v12.10.12 SAML-based Single Sign-on

CVE-2023-34923 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider (IP) to impersonate any TOPdesk user via SAML Response manipulation.

Learn more about our User Device Pen Test.