We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
It would appear that this service provider is susceptible to the SAML vulnerability identified by Duo labs. The vulnerability would be in the use of xml-exc-c14n# instead of xml-exc-c14n#WithComments in src/Wizkunde/SAMLBase/Security/Signature.php.
The text was updated successfully, but these errors were encountered:
Hi @rsisco ,
Thank you for your report, we've fixed this in tag 1.2.7 and our library should no longer be affected.
If you have any further details or do find any way to still exploit this issue, please let us know and we'll get on it with the highest priority.
Sorry, something went wrong.
This is the commit, fixing the affected security issue:
482cdf8
RonXS
No branches or pull requests
It would appear that this service provider is susceptible to the SAML vulnerability identified by Duo labs. The vulnerability would be in the use of xml-exc-c14n# instead of xml-exc-c14n#WithComments in src/Wizkunde/SAMLBase/Security/Signature.php.
The text was updated successfully, but these errors were encountered: