lightsaml/lightsaml is vulnerable to incorrect access control. The vulnerability exists in the signature validation found in readers of src/LightSaml/Model/XmlDSig/
that could allow a malicious user to impersonate other users from the Identity Provider.
CPE | Name | Operator | Version |
---|---|---|---|
lightsaml/lightsaml | le | 1.3.3 |