Node-SAML SAML Signature Verification Vulnerability - "Node-SAML loads the assertion from the (unsigned) original response document...is different than the parts that are verified when checking sig"

github.com

Node-SAML SAML Signature Verification Vulnerability - "Node-SAML loads the assertion from the (unsigned) original response document...is different than the parts that are verified when checking sig"

github.com

digicatM to

blueteamsecEnglish · 5 months ago

Node-SAML SAML Signature Verification Vulnerability

github.com

Node-SAML loads the assertion from the (unsigned) original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify authen...

You must log in or # to comment.

Chat

blueteamsec

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteamsec@infosec.pub

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

10 users / day
77 users / week
275 users / month
886 users / 6 months
217 local subscribers
586 subscribers
1.87K Posts
149 Comments
Modlog

mods:
digicat