TheServerSide

SAML: It's Not just for Web services

SAML (Security Assertion Markup Language) is an XML-based standard for exchanging authentication and authorization data between security domains. SAML is a product of the OASIS Security Services ...
Bleeping Computer

Critical Golang XML parser bugs can cause SAML authentication bypass

This week, Mattermost, in coordination with Golang has disclosed 3 critical vulnerabilities within Go language's XML parser. If exploited, these vulnerabilities, also impacting multiple Go-based SAML ...
Bleeping Computer

Critical Samlify SSO flaw lets attackers log in as admin

A critical Samlify authentication bypass vulnerability has been discovered that allows attackers to impersonate admin users by injecting unsigned malicious assertions into legitimately signed SAML ...